Packages
potionx
0.6.3
0.8.15
0.8.14
0.8.13
0.8.12
0.8.11
0.8.10
0.8.9
0.8.8
0.8.7
0.8.6
0.8.5
0.8.4
0.8.3
0.8.2
0.8.1
0.8.0
0.7.2
0.7.1
0.7.0
0.6.4
0.6.3
0.6.2
0.6.1
0.6.0
0.5.3
0.5.2
0.5.1
0.5.0
0.4.16
0.4.15
0.4.14
0.4.13
0.4.12
0.4.11
0.4.10
0.4.9
0.4.8
0.4.7
0.4.6
0.4.5
0.4.4
0.4.3
0.4.2
0.4.1
0.4.0
0.3.0
0.2.18
0.2.17
0.2.16
0.2.15
0.2.14
0.2.13
0.2.12
0.2.11
0.2.10
0.2.9
0.2.8
0.2.7
0.2.6
0.2.5
0.2.4
0.2.3
0.2.2
0.2.1
0.1.1
0.1.0
Potionx is a set of generators and functions that speeds up the process of setting up and deploying a full-stack application that uses Elixir with GraphQL for the server-side component and Vue for the frontend component.
Current section
Files
Jump to
Current section
Files
lib/potionx/plugs/maybe_disable_introspection_plug.ex
defmodule Potionx.Plug.MaybeDisableIntrospection do
@behaviour Plug
alias Plug.Conn
alias Potionx.Context.Service
@doc false
def init(config) do
Keyword.merge(
[roles: [:admin]],
config
)
|> Enum.into(%{})
end
def call(%Plug.Conn{params: %{"query" => q}} = conn, config) do
if (String.contains?(q, "__schema")) do
conn
|> maybe_refuse(config)
else
conn
end
end
def call(conn, _) do
conn
end
def maybe_refuse(%{assigns: %{context: %Service{roles: roles}}} = conn, %{roles_allowed: roles_allowed}) when is_list(roles) do
(roles_allowed || [])
|> Enum.any?(fn role ->
Enum.member?(roles, role)
end)
|> if do
conn
else
conn
|> Conn.put_status(:forbidden)
|> Conn.halt
end
end
def maybe_refuse(conn, _) do
conn
|> Conn.put_status(:forbidden)
|> Conn.halt
end
end