Loosing the ability to sort/filter on custom queries

I'm trying to enhance my existing GRANDstack application by implicitly filtering some types. You may also think of this as access-control.

I have a type called HousingUnit. Previously, the Query for HousingUnit was automatically created through schema augmentation. Now I want to limit the returned HousingUnits via a pattern. The request to /graphql will carry a JWT which has some information that will be made available as cypherParams (e.g. userEmail) to identify the current user. For HousingUnit (and other types) I only want to return the types that are CREATED_BY the Organization the user is a part of. A solution for the HousingUnit query looks like this.

HousingUnit: async (parent, info, context, resolveInfo) => {
      const session = context.driver.session()
      const cypher = `MATCH (u:UserAccount) WHERE u.email = $cypherParams.userEmail MATCH (u)-[:WORKS_FOR]->(o:Organization)
        WITH o
        MATCH (o)<-[:WORKS_FOR]-(:UserAccount)<-[:CREATED_BY]-(housingUnit:HousingUnit) RETURN housingUnit`
      const results = await session
        .run(cypher, {
          cypherParams: context.cypherParams,
        })
        .then((result) => {
          return result.records.map((record) => {
            const obj = record.toObject()
            console.log(obj)
            return obj.housingUnit.properties
          })
        })
        .catch(console.log)
        .then((results) => {
          session.close()
          return results
        })
      return results
    },

My problem is that due to my explicit cypher query and return of results, I can not due any other filtering or sorting.

The requests

query {
  HousingUnit(orderBy:name_asc) {
    name
  }
}

and

query {
  HousingUnit(orderBy:name_desc) {
    name
  }
}

will yield the same order of results.
Furthermore, we have a lot of different types and I hope there's a simpler way of doing this (maybe middleware or decorators, reusing augmented queries).

1 Like