diff --git a/src/CenterMentor/centermentor.schema.ts b/src/CenterMentor/centermentor.schema.ts index 774ebce..f858b3e 100644 --- a/src/CenterMentor/centermentor.schema.ts +++ b/src/CenterMentor/centermentor.schema.ts @@ -138,8 +138,11 @@ export class CenterMentorSchema extends PothosSchema { }, resolve: async (query, root, args, ctx) => { return this.prisma.$transaction(async (prisma) => { + if (ctx.isSubscription) { + throw new Error('Not allowed'); + } // get centerId by user id from context - const userId = ctx.me.id; + const userId = ctx.http.me.id; if (!userId) { throw new Error('User ID is required'); } @@ -213,6 +216,9 @@ export class CenterMentorSchema extends PothosSchema { adminNote: t.arg({ type: 'String', required: false }), }, resolve: async (query, root, args, ctx, info) => { + if (ctx.isSubscription) { + throw new Error('Not allowed'); + } return this.prisma.$transaction(async (prisma) => { // validate input if (args.approved && !args.adminNote) { @@ -264,7 +270,7 @@ export class CenterMentorSchema extends PothosSchema { data: { content: args.adminNote ?? '', mentorId: mentor.id, - notedByUserId: ctx.me.id, + notedByUserId: ctx.http.me.id, }, }); // update user role @@ -310,7 +316,7 @@ export class CenterMentorSchema extends PothosSchema { adminNote: { create: { content: args.adminNote ?? '', - notedByUserId: ctx.me.id, + notedByUserId: ctx.http.me.id, updatedAt: new Date(), }, }, diff --git a/src/Graphql/graphql.builder.ts b/src/Graphql/graphql.builder.ts index 5fdd216..8630264 100644 --- a/src/Graphql/graphql.builder.ts +++ b/src/Graphql/graphql.builder.ts @@ -25,13 +25,25 @@ import { getDatamodel } from '../types/pothos.generated'; // import { rules } from '../common/graphql/common.graphql.auth-rule'; -export interface SchemaContext { - req: Request; - res: Response; - me: User; - pubSub: PubSub; - generator: PrismaCrudGenerator; -} +export type SchemaContext = + | { + isSubscription: true; + websocket: { + pubSub: PubSub; + me: User; + generator: PrismaCrudGenerator; + }; + } + | { + isSubscription: false; + http: { + req: Request; + res: Response; + me: User; + pubSub: PubSub; + generator: PrismaCrudGenerator; + }; + }; // extend prisma types to contain string type export interface SchemaBuilderOption { @@ -79,8 +91,11 @@ export class Builder extends SchemaBuilder { ], smartSubscriptions: { debounceDelay: 1000, - ...subscribeOptionsFromIterator((name, { pubSub }) => { - return pubSub.asyncIterator(name); + ...subscribeOptionsFromIterator((name, ctx) => { + if (ctx.isSubscription) { + return ctx.websocket.pubSub.asyncIterator(name); + } + return ctx.http.pubSub.asyncIterator(name); }), }, relay: {}, diff --git a/src/Graphql/graphql.module.ts b/src/Graphql/graphql.module.ts index 24ff8a1..3e2ef68 100644 --- a/src/Graphql/graphql.module.ts +++ b/src/Graphql/graphql.module.ts @@ -93,7 +93,10 @@ import { initContextCache } from '@pothos/core'; }, context: async ({ req }: { req: Request }) => ({ ...initContextCache(), - me: await graphqlService.acquireContext(req), + isSubscription: false, + http: { + me: await graphqlService.acquireContext(req), + }, }), }), }), diff --git a/src/Message/message.schema.ts b/src/Message/message.schema.ts index 5312f05..c5c72f8 100644 --- a/src/Message/message.schema.ts +++ b/src/Message/message.schema.ts @@ -109,7 +109,10 @@ export class MessageSchema extends PothosSchema { ...query, data: args.input, }); - ctx.pubSub.publish('MESSAGE_SENT', message); + if (ctx.isSubscription) { + throw new Error('Not allowed'); + } + ctx.http.pubSub.publish('MESSAGE_SENT', message); return message; }, }), @@ -124,9 +127,12 @@ export class MessageSchema extends PothosSchema { this.builder.subscriptionFields((t) => ({ messageSent: t.field({ subscribe: (_, __, ctx) => { + if (!ctx.isSubscription) { + throw new Error('Not allowed'); + } return { [Symbol.asyncIterator]: () => - ctx.pubSub.asyncIterator('MESSAGE_SENT'), + ctx.websocket.pubSub.asyncIterator('MESSAGE_SENT'), }; }, type: this.message(), // Add the type property diff --git a/src/Resume/resume.schema.ts b/src/Resume/resume.schema.ts index f04aa8d..b1638a8 100644 --- a/src/Resume/resume.schema.ts +++ b/src/Resume/resume.schema.ts @@ -108,10 +108,13 @@ export class ResumeSchema extends PothosSchema { }, resolve: async (query, root, args, ctx, info) => { try { + if (ctx.isSubscription) { + throw new Error('Not allowed'); + } const resumes = await this.prisma.resume.findMany({ ...query, where: { - userId: ctx.me.id, + userId: ctx.http.me.id, status: args.status ?? undefined, }, }); diff --git a/src/Service/service.schema.ts b/src/Service/service.schema.ts index f059bd7..87925a7 100644 --- a/src/Service/service.schema.ts +++ b/src/Service/service.schema.ts @@ -243,6 +243,9 @@ export class ServiceSchema extends PothosSchema { }), }, resolve: async (query, root, args, ctx, info) => { + if (ctx.isSubscription) { + throw new Error('Not allowed'); + } return await this.prisma.$transaction(async (prisma) => { // check if service is already approved or rejected const service = await prisma.service.findUnique({ @@ -265,7 +268,7 @@ export class ServiceSchema extends PothosSchema { adminNote: { create: { content: args.adminNote ?? '', - notedByUserId: ctx.me.id, + notedByUserId: ctx.http.me.id, }, }, }, diff --git a/src/User/user.schema.ts b/src/User/user.schema.ts index 5072cab..36a329f 100644 --- a/src/User/user.schema.ts +++ b/src/User/user.schema.ts @@ -127,10 +127,13 @@ export class UserSchema extends PothosSchema { }, }), me: t.prismaField({ - description: 'Retrieve the current user by token.', + description: 'Retrieve the current user in context.', type: this.user(), resolve: async (query, root, args, ctx) => { - return ctx.me; + if (ctx.isSubscription) { + throw new Error('Not allowed'); + } + return ctx.http.me; }, }),