GraphQL Shield

Open source

GraphQL server permissions as another abstraction layer of logic.

Become a contributor

Financial contributions

Custom contribution

Donation

Make a custom one time or recurring contribution to support this collective.

6 individuals and 6 organizations have contributed

Membership

Backer

Join us for $10.00 per month and help us sustain our activities!

$10 USD / month

4 individuals and 3 organizations have contributed

Recurring contribution

Sponsor

Join us for $100.00 per month and help us sustain our activities!

$100 USD / month

1 organization has contributed

Top financial contributors

Organizations

1. GraphCMS: $2k USD since May 2018
2. Hitabis GmbH: $300 USD since Mar 2019
3. Open Collective Inc.: $25 USD since May 2019
4. Scraper API 2: $18 USD since Oct 2018
5. Affiliate Genius: $10 USD since Aug 2018
6. ScrapingBee: $10 USD since Oct 2019

Individuals

1. Isaac Duran: $75 USD since Aug 2018
2. Nilan Marktanner: $57 USD since May 2018
3. Jason Brown: $55 USD since Jun 2018
4. Pia Mancini: $10 USD since May 2018
5. Oleksandr Mieliekh: $10 USD since Mar 2019
6. Jamie Barton: $8 USD since May 2018

Budget

See how money openly circulates through GraphQL Shield. All contributions and all expenses are published in our transparent public ledger. Learn who is donating, how much, and where that money is going, submit expenses, get reimbursed and more!

Monthly donation to GraphQL Shield (Backer)
ScrapingBee | 10/10/2019 | +$10.00 USD

Matic Zavadlal | 10/8/2019 | -$650.00 USD

Monthly donation to GraphQL Shield (backer)
Isaac Duran | 10/1/2019 | +$5.00 USD

Today’s balance

$36.04 USD

Estimated annual budget

~ $1,517.83 USD

GraphQL Shield is all of us

Our contributors 13

Everyone who has supported GraphQL Shield. Individuals and organizations that believe in –and take ownership of– our purpose.

Matic Zavadlal
Collective Admin
GraphCMS
Financial Contributor

Total contributions

$1,800 USD

Awesome project! We would love to see more contributions like this to the GraphQL ecosystem!

Hitabis GmbH
Financial Contributor

Total contributions

$300 USD

Isaac Duran
Financial Contributor

Total contributions

$75 USD

Nilan Marktanner
Financial Contributor

Total contributions

$57 USD

Thanks for working on this great project!

Jason Brown
Financial Contributor

Total contributions

$55 USD

Open Collecti...
Financial Contributor

Total contributions

$25 USD

Scraper API 2
Financial Contributor

Total contributions

$18 USD

Pia Mancini
Financial Contributor

Total contributions

$10 USD

Affiliate Genius
Financial Contributor

Total contributions

$10 USD

Thanks for creating this!

Oleksandr Mie...
Financial Contributor

Total contributions

$10 USD

ScrapingBee
Financial Contributor

Total contributions

$10 USD

About

GraphQL Shield

Permissions done the way they should be - abstracted away as another layer of logic.

The new way of thinking about permissions 🧠

There are mainly two methods of describing your permission logic in a GraphQL server. You can write schema directives, or you can include the logic inside every one of your resolvers. I hate the first one. It mixes the reasoning behind your application with a schema. In my opinion, the schema should only define the model, not the logic as well. On the other hand, you could describe your permission logic within your resolvers, but then again DRY - horrible! What if there were a third unforeseen option that might save the day?

GraphQL Shield for the win 🏆

GraphQL Shield abstracts away your permission layer and allows you to reuse your ruleset in an intuitive yet straightforward way. Under the hood, there's a V8 shield engine. We know how vital the execution time of a query is and made significant optimisations to permission caching. Not only do we store resolved permission results, but we also create cache maps up front to predetermine the best way to process the request.

Defining permissions is as comfortable as thinking about them. We are reusing a familiar API from GraphQL server and combining it with intuitive shield logic. Check out how simple it is to create an authentication mechanism.

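import { rule, shield, allow } from 'graphql-shield'

// Schema: defines the model only, no permission logic.
const typeDefs = `
  type Query {
    viewer: Viewer
    fruits: [Fruit!]!
  }

  type Fruit {
    name: String!
    count: Int!
  }

  type Viewer {
    cart: [Fruit!]!
  }
`

// Rules

// Passes only when a user is present on the context and the parent object is
// not flagged `mad`. The loose `!= null` comparison rejects both null and
// undefined, so a context without a `user` property is not treated as
// authenticated.
const isAuthenticated = rule()((parent, args, ctx, info) => {
  return ctx.user != null && parent.mad === false
})

// Permissions

// A rule given for a type applies to every field of that type;
// a rule given for a field applies to that field only.
const permissions = shield({
  Query: allow,
  Fruit: {
    name: allow,
    count: isAuthenticated,
  },
  Viewer: isAuthenticated,
})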
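
The idea of a permission layer that sits outside the resolvers and stores resolved rule results, sketched as a self-contained added example. This is not GraphQL Shield's own code or engine: `rule`, `allow`, `deny` and `applyPermissions` here are hypothetical stand-ins, and the resolvers and data are constructed.

```javascript
// Added illustration, NOT graphql-shield's implementation.
// rule, allow, deny and applyPermissions are hypothetical names.

// Evaluate a predicate once per request context and reuse the result.
// Only safe for rules that depend on ctx alone, not on parent or args.
function rule(name, predicate) {
  return (parent, args, ctx, info) => {
    ctx.ruleCache = ctx.ruleCache || new Map()
    if (!ctx.ruleCache.has(name)) {
      let ok = false // anything other than `true`, or a throw, denies (fail closed)
      try { ok = predicate(parent, args, ctx, info) === true } catch (err) { ok = false }
      ctx.ruleCache.set(name, ok)
    }
    return ctx.ruleCache.get(name)
  }
}
const allow = () => true
const deny = () => false

// Guard every resolver with its rule. A type-level rule covers all fields of
// the type; a field with no rule gets `fallback`, so new fields start closed.
function applyPermissions(resolvers, permissions, fallback = deny) {
  const guarded = {}
  for (const [type, fields] of Object.entries(resolvers)) {
    guarded[type] = {}
    for (const [field, resolve] of Object.entries(fields)) {
      const typeRule = permissions[type]
      const check = typeof typeRule === 'function'
        ? typeRule
        : (typeRule && typeRule[field]) || fallback
      guarded[type][field] = (parent, args, ctx, info) => {
        if (!check(parent, args, ctx, info)) throw new Error('Not authorised')
        return resolve(parent, args, ctx, info)
      }
    }
  }
  return guarded
}

// Constructed sample resolvers; Fruit.origin has no rule on purpose.
let ruleRuns = 0
const isAuthenticated = rule('isAuthenticated', (parent, args, ctx) => {
  ruleRuns += 1
  return ctx.user != null
})
const guarded = applyPermissions({
  Query: { fruits: () => [{ name: 'apple', count: 3 }] },
  Fruit: { name: f => f.name, count: f => f.count, origin: () => 'farm' },
}, { Query: allow, Fruit: { name: allow, count: isAuthenticated } })
```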

Join the party 🎉

We love working on Shield and believe it is thoroughly changing the way we approach writing permission logic of our servers. Join our collective and support development of this fantastic tool!