graphqr 0.0.2 → 0.0.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 30f68dd1bcb6907786a2bd497b056fc44e5cd5ff
-  data.tar.gz: 33e51b0fe16f514a13afe9be920abd2f1adf4c5b
+SHA256:
+  metadata.gz: 56b827169ae4fc8970f688a1405c1cfce763fdb7619e2b5d64af996ae983de74
+  data.tar.gz: 5c6b08ea0a203fb0a3e65c7ccef3cdcf511355715fd38315ae50f536d0dcee83
 SHA512:
-  metadata.gz: d7b24cac875d94516b5dd8f08c69f4b6086310127acaa50daf0baf15427b9ad3c69edd3c711fbb7fb86f641ca0a94d7ce06260c0e5263a1ccdff25e62ef157b8
-  data.tar.gz: 3635d74b54fddd9b2753cd7d21872f4be500b4400060d899783b7c6d7ce88b09e50be1fbe56ce2c467c7fb3d715b68af276eedfd760a03f84bd283039a8eb257
+  metadata.gz: 6abd868b81b35aaae90b89544e66f0a8a33e75f468ed9004e0a102d331be8e7ebead88092db3dbb6bb17edc1d1b8e1de282fa64d1e597a96af069e57379a6ffe
+  data.tar.gz: 5c52447a2c4df95b8a14f3caed8b84170667302381ee0e3b8d071f4aa38b06a3d2dd5446a2c7a3be07ceaeeab04d08a49984033d4dd85e0f6bec04784d5f7029

data/README.md

@@ -1,8 +1,14 @@
+[![Gem Version](https://badge.fury.io/rb/graphqr.svg)](https://rubygems.org/gems/graphqr)
+[![Build Status](https://travis-ci.com/QultureRocks/graphqr.svg?branch=master)](https://travis-ci.com/QultureRocks/graphqr)
+[![Maintainability](https://api.codeclimate.com/v1/badges/7f7b51e89e8fe4de1b23/maintainability)](https://codeclimate.com/github/QultureRocks/graphqr/maintainability)
+
 # GraphQR
 
-Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/graphqr`. To experiment with that code, run `bin/console` for an interactive prompt.
+A compilation of useful extensions and helpers for [graphql-ruby](https://github.com/rmosolgo/graphql-ruby).
+
+- [API Documentation](https://qulturerocks.github.io/graphqr/)
+- [Qulture.Rocks](https://qulture.rocks)
 
-TODO: Delete this and the text above, and describe your gem
 
 ## Installation
 
@@ -20,11 +26,252 @@ Or install it yourself as:
 
     $ gem install graphqr
 
-If you'd like to use the pagination feature, you must have `pagy` installed.
+## Configuration (optional)
+
+GraphQR uses `pagy` and `pundit` by default and activates both `Authorization` and `Pagination` modules.
+If you'd like to create a specific configuration, create `config/initializers/graphql.rb` with
+
+```ruby
+GraphQR.configure do |config|
+  config.use_pagination = true # or false to disable
+  config.use_authorization = true # or false to disable
+
+  config.paginator = :pagy # only pagy is available for now
+  config.policy_provider = :pundit # only pundit is available for now
+end
+```
+
+## Modules
+
+To use the extensions correctly add
+```ruby
+    field_class GraphQR::Fields::BaseField
+```
+to your `BaseObject` class. This will add the custom options to your fields and add the necessary extensions according to the modules you activated.
+
+```ruby
+module Types
+  class BaseObject < GraphQL::Schema::Object
+    ...
+    field_class GraphQR::Fields::BaseField
+    ...
+  end
+end
+```
+### Pagination
+
+The Pagination module consists in a easier way of dealing with pages. Instead of using `cursors` we implemented a more Rails way using `per` and `page`.
+Our implementation is (for now) based on [Pagy](https://github.com/ddnexus/pagy) so you must have it installed.
+
+To use the Pagination module add
+
+```ruby
+
+extend GraphQR::Pagination
+```
+
+to any `GraphQL::Schema::Object` you'd like, but we recommend adding it to your `BaseObject` class.
+
+```ruby
+module Types
+  class BaseObject < GraphQL::Schema::Object
+    ...
+    extend GraphQR::Pagination
+    ...
+  end
+end
+```
+
+#### Usage
+
+```ruby
+module Types
+  class QueryType < Types::BaseObject
+    graphql_name 'Query'
+
+    field :users, UserType.pagination_type, paginate: true
+  end
+end
+```
+
+A `pagination_type` adds the `per` and `page` arguments and adds a `page_info` field to the response.
+
+Example gql:
+```
+users(per: 10, page: 1) {
+  nodes {
+    id
+    name
+  }
+}
+```
+
+### Authorization
+
+The Authorization module in some wrappers around a `PolicyProvider` (only Pundit for now). And allows some basic behaviors.
+Everything on this module depends on a `policy_provider` passed to the GraphQL context. You can add it like this:
+
+```ruby
+class GraphqlController < ApplicationController
+
+  def execute
+    context = {
+      your_context,
+      policy_provider: policy_provider
+    }
+    result = YourSchema.execute(query, variables: variables, context: context, operation_name: operation_name)
+    render json: result.to_json
+  rescue StandardError => e
+    raise e unless Rails.env.development?
+
+    handle_error_in_development(e)
+  end
+  ...
+end
+```
+
+#### Authorized
+
+This module adds a check on the object policy before resolving it. It always searches for the `show?` policy of the record.
+It works by extending the `authorized?` method.
+
+To add this behavior, add
+```ruby
+extend GraphQR::Authorized
+```
+to any `GraphQL::Schema::Object` you'd like, but we recommend adding it to your `BaseObject` class.
+
+```ruby
+module Types
+  class BaseObject < GraphQL::Schema::Object
+    ...
+    extend GraphQR::Authorized
+    ...
+  end
+end
+```
+
+Example:
+
+```
+users {
+  id
+  tags {
+    id
+  }
+}
+```
+
+In this case, the authorization check will run for each `user`, calling `UserPolicy.show?` and for each tag, calling `TagPolicy.show?`.
+If any policy returns falsy, the object is returned as `null`.
+
+#### ScopeItems
+
+This module adds the PolicyProvider scope to the fields that represent an `ActiveRecord::Relation`. It works by implementing the `self.scope_items` method.
+
+To add this behavior, add
+```ruby
+extend GraphQR::ScopeItems
+```
+to any `GraphQL::Schema::Object` you'd like, but we recommend adding it to your `BaseObject` class.
+
+```ruby
+module Types
+  class BaseObject < GraphQL::Schema::Object
+    ...
+    extend GraphQR::ScopeItems
+    ...
+  end
+end
+```
+
+Example:
+
+```
+users {
+  id
+}
+```
+
+In this case, the `users` list will be scoped using `UserPolicy::Scope` provided by Pundit.
+
+#### AuthorizeGraphQL
+
+This module is a wrapper around the PolicyProvider authorization.
+It adds the `authorize_graphql` method, similar to Pundit's `authorize`, but it returns an `GraphQL::ExecutionError` instead of a `Pundit::NotAuthorizedError`
+
+To add this behavior, add
+```ruby
+include GraphQR::Policies::AuthorizeGraphQL
+```
+where you want to use this methos, but we recommend adding it to your `Mutations` and `Resolvers` classes.
+
+```ruby
+class BaseResolver < GraphQL::Schema::Resolver
+  ...
+  include GraphQR::Policies::AuthorizeGraphQL
+  ...
+end
+```
+
+Example:
+
+```ruby
+authorize_graphql User, :index?
+```
+
+### Helpers
+
+We also provide some helpers to make implementing GraphQL on ruby easier.
+
+#### ApplyScopes
+
+This modules is based on the [has_scope](https://github.com/plataformatec/has_scope/) gem.
+It provides an `apply_scopes` method that can search for model scopes and use them on a collection
+
+To add this method, add
+```ruby
+include GraphQR::ApplyScopes
+```
+where you'd like to use it, but we recommend adding it to your `Resolvers`.
+
+```ruby
+class BaseResolver < GraphQL::Schema::Resolver
+  ...
+  include GraphQR::ApplyScopes
+  ...
+end
+```
+
+Example:
+
+```ruby
+apply_scopes(User, { order_by_name: true, with_id: [1,2,3] })
+```
+
+#### QueryField
+
+This module adds the `query_field` helper.
+It adds an easy way of creating simple fields with resolvers.
+
+To add this method, add
+```ruby
+extend GraphQR::QueryField
+```
+to your `BaseObject`.
+
+```ruby
+module Types
+  class BaseObject < GraphQL::Schema::Object
+    ...
+    extend GraphQR::QueryField
+    ...
+  end
+end
+```
 
-## Usage
+Read more about its use in the [documentation](https://qulturerocks.github.io/graphqr/GraphQR/QueryField.html)
 
-TODO: Write usage instructions here
 
 ## Development
 

data/lib/graphqr.rb

@@ -1,25 +1,43 @@
 # frozen_string_literal: true
 
 require 'graphql'
+require 'graphqr/configuration'
 
 ##
 # This module represents all the extensions we made to the graphql-ruby library
 # it contains helpers and integrations we need to keep our workflow as simple as possible.
 module GraphQR
   class << self
+    def use_pagination
+      GraphQR.config.use_pagination || true
+    end
+
+    def use_authorization
+      GraphQR.config.use_authorization || true
+    end
+
     def paginator
       GraphQR.config.paginator
     end
 
+    def policy_provider
+      GraphQR.config.policy_provider
+    end
+
     def use_pagy?
       paginator == :pagy
     end
+
+    def use_pundit?
+      policy_provider == :pundit
+    end
   end
 end
 
 require 'graphqr/hooks'
 
 require 'graphqr/fields/base_field'
+require 'graphqr/pagination/resolvers/record_page_number_resolver'
 require 'graphqr/pagination/types/pagination_page_info_type'
 require 'graphqr/pagination/pagination_extension'
 
@@ -29,11 +47,20 @@ rescue NameError
   Kernel.warn 'Pagy not found'
 end
 
+require 'graphqr/policies/authorize_graphql'
+begin
+  require 'graphqr/policies/pundit_provider'
+rescue LoadError
+  Kernel.warn 'Pundit not found'
+end
+
 require 'graphqr/apply_scopes'
 require 'graphqr/authorized'
-require 'graphqr/base'
 require 'graphqr/pagination'
 require 'graphqr/permitted_fields_extension'
+require 'graphqr/base_resolver'
+require 'graphqr/base_resolvers'
 require 'graphqr/query_field'
+require 'graphqr/relation_fields'
 require 'graphqr/scope_items'
 require 'graphqr/version'

data/lib/graphqr/authorized.rb

@@ -2,8 +2,15 @@
 
 module GraphQR
   ##
-  # TODO: add documentation
+  # This module is the authorization extension created with our PolicyProvider.
+  #
+  # To use it add `extend GraphQR::Authorized` on the `GraphQL::Schema::Object` you want it,
+  # or add it on your `BaseObject`
   module Authorized
+    ##
+    # The `authorized? `method always runs before resolving an object.
+    #
+    # Our implementation adds a check on the `show?` method from the record Policy.
     def authorized?(object, context)
       policy_provider = context[:policy_provider]
 

data/lib/graphqr/base_resolver.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module GraphQR
+  ##
+  # This is the base class for all resolvers defined by the `GraphQR` gem.
+  # It includes authorization and scoping extensions defined by the gem.
+  class BaseResolver < GraphQL::Schema::Resolver
+    include GraphQR::ApplyScopes
+    include GraphQR::Policies::AuthorizeGraphQL
+  end
+end

data/lib/graphqr/base_resolvers.rb

@@ -0,0 +1,83 @@
+# frozen_string_literal: true
+
+module GraphQR
+  ##
+  # The `BaseResolvers` module defines methods used by other extensions to define resolver classes.
+  # All resolvers defined by this module's methods inherit from `GraphQR::BaseResolver`.
+  module BaseResolvers
+    ##
+    # The method defines and returns a resolver class meant for resolving a paginated ActiveRecordRelation.
+    # The returned class implements authorization, running the `PolicyProvider`'s' `index?` action
+    # and `authorized_records` scope.
+    #
+    # The defined resolver does not implement `#unscoped_collection`. Define it before adding the query to the schema**
+    #
+    # ### Params:
+    #
+    # +type_class+: the `GraphQL::Schema::Object` of the ActiveRecordRelation
+    #
+    # +scope_class+: a `GraphQL::Schema::InputObject` which defines arguments to be used by `ApplyScopes`
+    # #### Example:
+    #   ```
+    #   class ObjectScope < GraphQL::Schema::InputObject
+    #     argument :with_relation_id, ID, required: false
+    #     ...
+    #   end
+    #   ```
+    #
+    # ### Example:
+    #
+    # ```
+    # base_collection_resolver(ObjectType, ObjectScope)
+    # ```
+    def base_collection_resolver(type_class, scope_class)
+      Class.new(GraphQR::BaseResolver) do
+        type type_class.pagination_type, null: false
+
+        argument :filter, scope_class, required: false if scope_class.present?
+
+        def resolve(filter: {})
+          authorize_graphql unscoped_collection, :index?
+
+          collection = apply_scopes(unscoped_collection, filter)
+          context[:policy_provider].authorized_records(records: collection)
+        end
+
+        def unscoped_collection
+          raise NotImplementedError
+        end
+      end
+    end
+
+    ##
+    # The method defines and returns a resolver class meant for resolving a single ActiveRecord
+    # The returned class implements authorization, running the `PolicyProvider`'s' `show`
+    #
+    # The defined resolver does not implement `#record`. Define it before adding the query to the schema**
+    #
+    # ### Params:
+    #
+    # +type_class+: the `GraphQL::Schema::Object` of the ActiveRecord
+    #
+    # ### Example:
+    #
+    # ```
+    # base_resource_resolver(ObjectType)
+    # ```
+    def base_resource_resolver(type_class)
+      Class.new(GraphQR::BaseResolver) do
+        type type_class, null: false
+
+        def resolve
+          context[:policy_provider].allowed?(action: :show?, record: record)
+
+          record
+        end
+
+        def record
+          raise NotImplementedError
+        end
+      end
+    end
+  end
+end

data/lib/graphqr/configuration.rb

@@ -2,13 +2,33 @@
 
 module GraphQR # rubocop:disable Style/Documentation
   ##
-  # TODO: add documentation
+  # Module responsible for global configuration of the gem
   class Configuration
+    attr_writer :use_pagination, :use_authorization
+
     def configure
       yield self
     end
 
-    # Returns the selected paginator
+    def use_pagination
+      if instance_variable_defined? :@use_pagination
+        @use_pagination
+      else
+        @use_pagination = true
+      end
+    end
+
+    def use_authorization
+      if instance_variable_defined? :@use_authorization
+        @use_authorization
+      else
+        @use_authorization = true
+      end
+    end
+
+    ##
+    # Returns the selected paginator.
+    # If no paginator is selected, it tries to find the one used
     def paginator
       if instance_variable_defined? :@paginator
         @paginator
@@ -29,11 +49,46 @@ module GraphQR # rubocop:disable Style/Documentation
       end
     end
 
+    ##
+    # Returns the selected policy_provider.
+    # If no policy_provider is selected, it tries to find the one used
+    def policy_provider
+      if instance_variable_defined? :@policy_provider
+        @policy_provider
+      else
+        set_policy_provider
+      end
+    end
+
+    ##
+    # Sets the preferred policy_provider
+    # TODO: support CanCan
+    def policy_provider=(policy_provider)
+      case policy_provider.to_sym
+      when :pundit
+        use_pundit
+      else
+        raise StandardError, "Unknown policy_provider: #{policy_provider}"
+      end
+    end
+
     private
 
     def set_paginator
       use_pagy if defined?(Pagy)
     end
+
+    def use_pagy
+      @paginator = :pagy
+    end
+
+    def set_policy_provider
+      use_pundit if defined?(Pundit)
+    end
+
+    def use_pundit
+      @policy_provider = :pundit
+    end
   end
 
   class << self

data/lib/graphqr/fields/base_field.rb

@@ -18,8 +18,8 @@ module GraphQR
     class BaseField < GraphQL::Schema::Field
       def initialize(*args, paginate: false, **kwargs, &block)
         super(*args, **kwargs, &block)
-        extension(Pagination::PaginationExtension) if paginate
-        extension(PermittedFieldsExtension, null: kwargs[:null])
+        extension(Pagination::PaginationExtension) if paginate && GraphQR.use_pagination
+        extension(PermittedFieldsExtension, null: kwargs[:null]) if GraphQR.use_authorization
       end
     end
   end

data/lib/graphqr/pagination.rb

@@ -2,7 +2,12 @@
 
 module GraphQR
   ##
-  # TODO: add documentation
+  # This module adds the GraphQL pagination types.
+  #
+  # When a field is paginated, the field `page_info` is always included with some pagination information.
+  #
+  # To use this module use `extend GraphQR::Pagination` on the GraphQL::Schema::Object you want it,
+  # or in your `BaseObject`
   module Pagination
     def pagination_type
       @pagination_type ||= begin

data/lib/graphqr/pagination/pagination_extension.rb

@@ -3,9 +3,13 @@
 module GraphQR
   module Pagination
     ##
-    # TODO: add documentation
+    # The PaginationExtension is used on the `GraphQR::Fields::BaseField`.
+    #
+    # It adds the `per` and `page` arguments to the paginated field and uses the selected paginator resolver to add
+    # `nodes`, `edges` and `page_info` on the response
     class PaginationExtension < GraphQL::Schema::FieldExtension
-      DEFAULT_PAGINATION_ERROR = 'No paginator defined'
+      NO_PAGINATOR_ERROR = 'No paginator defined'
+      INVALID_PAGINATOR_ERROR = 'Invalid paginator'
 
       def apply
         field.argument :per, 'Int', required: false, default_value: 25,
@@ -23,9 +27,18 @@ module GraphQR
       end
 
       def after_resolve(value:, arguments:, **_kwargs)
-        raise GraphQL::ExecutionError, DEFAULT_PAGINATION_ERROR unless GraphQR.paginator.present?
+        raise GraphQL::ExecutionError, NO_PAGINATOR_ERROR unless GraphQR.paginator.present?
 
-        Resolvers::PagyResolver.new(value, items: arguments[:per], page: arguments[:page]) if GraphQR.use_pagy?
+        call_resolver(value, arguments)
+      end
+
+      def call_resolver(value, arguments)
+        case GraphQR.paginator
+        when :pagy
+          Resolvers::PagyResolver.new(value, items: arguments[:per], page: arguments[:page])
+        else
+          raise GraphQL::ExecutionError, INVALID_PAGINATOR_ERROR
+        end
       end
     end
   end

data/lib/graphqr/pagination/resolvers/pagy_resolver.rb

@@ -4,7 +4,7 @@ module GraphQR
   module Pagination
     module Resolvers
       ##
-      # TODO: add documentation
+      # This is a resolver that uses `Pagy::Backend` and maps it to the GraphQL pagination structure.
       class PagyResolver
         include Pagy::Backend
 
@@ -33,7 +33,10 @@ module GraphQR
         end
 
         def page_info
-          @pagy
+          @pagy.tap do |pagy|
+            pagy.class_eval { attr_accessor :ordered_record_ids }
+            pagy.ordered_record_ids = @records&.all? { |r| r&.respond_to?(:id) } ? @records.map(&:id) : []
+          end
         end
       end
     end

data/lib/graphqr/pagination/resolvers/record_page_number_resolver.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+module GraphQR
+  module Pagination
+    module Resolvers
+      ##
+      # This is a resolver that receives the id of an object and returns the page number
+      # in which the object is located.
+      class RecordPageNumberResolver < ::GraphQL::Schema::Resolver
+        INDEX_OFFSET = 1
+
+        type Int, null: true
+
+        argument :record_id, ID, required: true
+
+        def resolve(record_id:)
+          per_page = object.vars[:items]
+          records_ids = object.ordered_record_ids
+          record_index = records_ids.find_index(record_id.to_i)
+
+          return if per_page.zero? || records_ids.blank? || record_index.blank?
+
+          record_position = (record_index + INDEX_OFFSET).to_f
+          (record_position / per_page).ceil
+        end
+      end
+    end
+  end
+end

data/lib/graphqr/pagination/types/pagination_page_info_type.rb

@@ -4,7 +4,7 @@ module GraphQR
   module Pagination
     module Types
       ##
-      # TODO: add documentation
+      # This defines the information about pagination in a connection.
       class PaginationPageInfoType < GraphQL::Schema::Object
         description 'Information about pagination in a connection.'
 
@@ -25,6 +25,7 @@ module GraphQR
         field :next_page, Int, null: true,
                                method: :next,
                                description: 'The previous page number or nil if there is no previous page'
+        field :record_page_number, resolver: GraphQR::Pagination::Resolvers::RecordPageNumberResolver
       end
     end
   end

data/lib/graphqr/permitted_fields_extension.rb

@@ -2,7 +2,10 @@
 
 module GraphQR
   ##
-  # TODO: add documentation
+  # This is an extension used on the `GraphQR::Fields::BaseField`.
+  #
+  # It is responsible for authorizing each field within a query.
+  # It searches if the field is defined on the `permitted_fields` method of the policy
   class PermittedFieldsExtension < GraphQL::Schema::FieldExtension
     def resolve(object:, arguments:, context:)
       if authorized?(object, context)

data/lib/graphqr/policies/authorize_graphql.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+module GraphQR
+  module Policies
+    ##
+    # The AuthorizeGraphQL module defines a way of running the PolicyProvider authorization with a specific action
+    module AuthorizeGraphQL
+      DEFAULT_AUTHORIZATION_ERROR = 'You are not authorized to perform this action'
+
+      ##
+      # This method is a wrapper around the Pundit authorize, receiving the same arguments.
+      # The only difference is that it turns the Pundit::NotAuthorizedError into a GraphQL::ExecutionError
+      #
+      # ### Example:
+      #
+      # ```
+      # authorize_graphql User, :index?
+      # ```
+      def authorize_graphql(record, action, policy_class: nil)
+        args = { record: record, action: action, policy_class: policy_class }
+        raise GraphQL::ExecutionError, DEFAULT_AUTHORIZATION_ERROR unless policy_provider.allowed?(args)
+      end
+
+      def policy_provider
+        context[:policy_provider]
+      end
+    end
+  end
+end

data/lib/graphqr/policies/pundit_provider.rb

@@ -0,0 +1,54 @@
+# frozen_string_literal: true
+
+require 'pundit'
+
+module GraphQR
+  module Policies
+    ##
+    # This is a wrapper around Pundit provided to keep all PolicyProviders with the same methods.
+    #
+    # If you want to use the Pundit integration with our extensions you should pass:
+    #
+    # ```
+    # {
+    #   policy_provider: GraphQR::Policies::PunditProvider.new(policy_context: pundit_user)
+    # }
+    # ```
+    #
+    # To the Schema context.
+    class PunditProvider
+      attr_reader :policy_context
+
+      def initialize(policy_context:)
+        @policy_context = policy_context
+      end
+
+      def allowed?(action:, record:, policy_class: nil)
+        policy = policy_for(record: record, policy_class: policy_class)
+
+        policy.apply(action)
+      end
+
+      def authorized_records(records:)
+        Pundit.policy_scope(policy_context, records)
+      end
+
+      def permitted_field?(record:, field_name:)
+        policy = policy_for(record: record)
+
+        policy.permitted_fields.include?(field_name)
+      end
+
+      private
+
+      def policy_for(record:, policy_class: nil)
+        policy_class ||= policy_class_for(record: record)
+        policy_class.new(policy_context, record)
+      end
+
+      def policy_class_for(record:)
+        Pundit::PolicyFinder.new(record).policy!
+      end
+    end
+  end
+end

data/lib/graphqr/query_field.rb

@@ -1,61 +1,85 @@
 # frozen_string_literal: true
 
-# rubocop:disable Metrics/ParameterLists
-
 module GraphQR
   ##
-  # TODO: add documentation
+  # This extension adds the `query_field` method.
+  # A helper to create simple queries faster and easier
+  #
+  # To use this extension, add `extend Graphql::QueryField` on your `QueryType`
+  #
   module QueryField
+    include BaseResolvers
+    ##
+    # The `query_field` method is a helper to create fields and resolver without effort.
+    #
+    # ### Arguments
+    #
+    # +field_name+ _(required)_: the GraphQL query name
+    #
+    # +active_record_class+ _(required)_: the model ActiveRecord class.
+    # It can be represented as an array if you want it to return a collection
+    #
+    # +type_class+ _(required)_:  The GraphQL type class
+    #
+    # +scope_class+: A specific InputType that contains the possible scopes that can be applied to your collection.
+    # Similar to the [has_scope](https://github.com/plataformatec/has_scope/) gem.
+    # _This argument is required for collection fields._
+    #
+    # ### Examples
+    # ```
+    # query_type :user, User, type_class: UserType
+    # query_type :users, [User], type_class: UserType, scope_class: UserScopeInput
+    # ```
+    #
+    # ### Collention fields
+    #
+    # Collection fields are always paginated using the configured `paginator`
+    # Its resolver will look for the `index?` method on the model Policy.
+    # It'll have the optional `filter` argument with `scope_class` type
+    #
+    # ### Single fields
+    #
+    # Single fields have the required `id` argument to find the exact record searched.
+    # Its resolver will look for the `show?` method on the model Policy.
+    #
+    # rubocop:disable Metrics/ParameterLists
     def query_field(field_name, active_record_class, type_class:, scope_class: nil, **kwargs, &block)
       is_collection = active_record_class.is_a? Array
       if is_collection
         active_record_class = active_record_class.first
-        resolver = collection(active_record_class, type_class, scope_class)
+        resolver = collection_resolver(active_record_class, type_class, scope_class)
       else
-        resolver = resource(active_record_class, type_class)
+        resolver = resource_resolver(active_record_class, type_class)
       end
 
       field(field_name, paginate: is_collection, resolver: resolver, **kwargs, &block)
     end
+    # rubocop:enable Metrics/ParameterLists
 
     private
 
-    def collection(active_record_class, type_class, scope_class)
-      Class.new(::BaseResolver) do
-        class_attribute :active_record_class
-        self.active_record_class = active_record_class
-
-        type type_class.pagination_type, null: false
-
-        argument :filter, scope_class, required: false
-
-        def resolve(filter: {})
-          authorize_graphql active_record_class, :index?
-
-          collection = apply_scopes(active_record_class, filter)
-          context[:policy_provider].authorized_records(records: collection)
-        end
-      end
+    def collection_resolver(active_record_class, type_class, scope_class)
+      resolver = base_collection_resolver(type_class, scope_class)
+      resolver.define_method(:unscoped_collection) { @unscoped_collection ||= active_record_class }
+      resolver
     end
 
-    def resource(active_record_class, type_class)
-      Class.new(::BaseResolver) do
+    def resource_resolver(active_record_class, type_class)
+      Class.new(base_resource_resolver(type_class)) do
         class_attribute :active_record_class
         self.active_record_class = active_record_class
 
-        type type_class, null: false
-
         argument :id, 'ID', required: true
 
         def resolve(id:)
-          record = self.class.active_record_class.find(id)
-
-          context[:policy_provider].allowed?(action: :show?, record: record)
+          @id = id
+          super()
+        end
 
-          record
+        def record
+          @record ||= active_record_class.find(@id)
         end
       end
     end
   end
 end
-# rubocop:enable Metrics/ParameterLists

data/lib/graphqr/relation_fields.rb

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+module GraphQR
+  ##
+  # @TODO doc
+  module RelationFields
+    ##
+    # @TODO doc
+    # rubocop:disable Naming/PredicateName
+    include GraphQR::BaseResolvers
+
+    def has_many(field_name, type_class, scope_class: nil, **kwargs, &block)
+      type_class = type_class.first
+
+      resolver = has_many_resolver(field_name, type_class, scope_class)
+
+      field(field_name, paginate: true, resolver: resolver, **kwargs, &block)
+    end
+
+    def has_one(field_name, type_class, **kwargs, &block)
+      resolver = has_one_resolver(field_name, type_class)
+
+      field(field_name, resolver: resolver, **kwargs, &block)
+    end
+
+    private
+
+    def has_many_resolver(collection_name, type_class, scope_class)
+      resolver = base_collection_resolver(type_class, scope_class)
+      resolver.define_method(:unscoped_collection) { @unscoped_collection ||= object.send(collection_name) }
+      resolver
+    end
+
+    def has_one_resolver(resource_name, type_class)
+      resolver = base_resource_resolver(type_class)
+      resolver.define_method(:record) { @record ||= object.send(resource_name) }
+      resolver
+    end
+    # rubocop:enable Naming/PredicateName
+  end
+end

data/lib/graphqr/scope_items.rb

@@ -2,8 +2,15 @@
 
 module GraphQR
   ##
-  # TODO: add documentation
+  # This extension adds the PolicyProvider scope to the fields.
+  # When using the extension, ActiveRecord::Relation fields will be scoped.
+  #
+  # To use this extension add `extend GraphQR::ScopeItems` on the `GraphQL::Schema::Object` you want,
+  # or in your `BaseObject`
   module ScopeItems
+    ##
+    # The method checks whether the items are a ActiveRecord::Relation or not.
+    # If they are, it runs the PolicyProvider `authorized_records` scope.
     def scope_items(items, context)
       if scopable_items?(items)
         context[:policy_provider].authorized_records(records: items)

data/lib/graphqr/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module GraphQR
-  VERSION = '0.0.2'
+  VERSION = '0.0.7'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: graphqr
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 0.0.7
 platform: ruby
 authors:
 - Manuel Puyol
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-05-28 00:00:00.000000000 Z
+date: 2020-02-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: graphql
@@ -144,16 +144,21 @@ files:
 - lib/graphqr.rb
 - lib/graphqr/apply_scopes.rb
 - lib/graphqr/authorized.rb
-- lib/graphqr/base.rb
+- lib/graphqr/base_resolver.rb
+- lib/graphqr/base_resolvers.rb
 - lib/graphqr/configuration.rb
 - lib/graphqr/fields/base_field.rb
 - lib/graphqr/hooks.rb
 - lib/graphqr/pagination.rb
 - lib/graphqr/pagination/pagination_extension.rb
 - lib/graphqr/pagination/resolvers/pagy_resolver.rb
+- lib/graphqr/pagination/resolvers/record_page_number_resolver.rb
 - lib/graphqr/pagination/types/pagination_page_info_type.rb
 - lib/graphqr/permitted_fields_extension.rb
+- lib/graphqr/policies/authorize_graphql.rb
+- lib/graphqr/policies/pundit_provider.rb
 - lib/graphqr/query_field.rb
+- lib/graphqr/relation_fields.rb
 - lib/graphqr/scope_items.rb
 - lib/graphqr/version.rb
 - spec/graphqr_spec.rb
@@ -177,8 +182,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.14
+rubygems_version: 3.0.6
 signing_key: 
 specification_version: 4
 summary: Extensions and helpers for graphql-ruby

data/lib/graphqr/base.rb

@@ -1,32 +0,0 @@
-# frozen_string_literal: true
-
-module GraphQR
-  ##
-  # The Base module defines some helper methods that can be used once it is included
-  # it also includes the basic ApplyScopes library
-  module Base
-    include GraphQR::ApplyScopes
-
-    DEFAULT_AUTHORIZATION_ERROR = 'You are not authorized to perform this action'
-
-    ##
-    # This method is a wrapper around the Pundit authorize, receiving the same arguments.
-    # The only difference is that it turns the Pundit::NotAuthorizedError into a GraphQL::ExecutionError
-    #
-    # ### Example:
-    #
-    # ```
-    # authorize_graphql User, :index?
-    # ```
-    def authorize_graphql(record, action, policy_class: nil)
-      args = { record: record, action: action, policy_class: policy_class }
-      raise GraphQL::ExecutionError, DEFAULT_AUTHORIZATION_ERROR unless policy_provider.allowed?(args)
-    end
-
-    ##
-    # This is a helper method to get the policy provider from the context
-    def policy_provider
-      context[:policy_provider]
-    end
-  end
-end