My scheme is simple. The model is a custom user from Django.

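import django_filters
import graphene
from django.contrib.auth import get_user_model
from graphene_django import DjangoObjectType
from graphene_django.filter import DjangoFilterConnectionField

User = get_user_model()  # the custom user model

class UserFilter(django_filters.FilterSet):
    class Meta:
        model = User
        fields = ['username', 'email', ]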

class UserNode(DjangoObjectType):
    class Meta:
        model = User
        only_fields = (
            'username',
            'email',
            'is_staff',
            'is_active',
            'is_superuser',
            'last_login',
            'date_joined',
            'profile',
        )
        interfaces = (graphene.relay.Node, )

    @classmethod
    def get_node(cls, info, id):
        try:
            user = cls._meta.model.objects.get(id=id)
        except cls._meta.model.DoesNotExist:
            return None

        if user:
            return user
        return None

class Query(graphene.ObjectType):
    users = DjangoFilterConnectionField(
        UserNode,
        filterset_class=UserFilter,
    )

    # **kwargs receives the filter arguments (username, email) when they are passed
    def resolve_users(self, info, **kwargs):
        user = info.context.user
        if user.is_anonymous:
            raise Exception("You aren't authorized")
        elif not user.is_superuser:
            # defer() only postpones loading the column; the value is still readable
            return get_user_model().objects.defer("email")
        elif user.is_superuser:
            return get_user_model().objects.all().select_related('profile')
        else:
            raise Exception('Error')

When I make a request from a user who is not a superuser, and in the schema I specify the field "email", the answer gives the value of this field:

query{
    users{
        edges{
            node{
                id
                username
                email
                isSuperuser
            }
        }
    }
}

I get:

{
    "data": {
        "users": {
            "edges": [
                {
                    "node": {
                        "id": "VXNlck5vZGU6NQ==",
                        "username": "Test4",
                        "email": "Test4@test.ru",
                        "isSuperuser": false
                    }
                }
            ]
        }
    }
}

Is it possible somehow to differentiate access to fields in resolve_users? The exception in the filter does not work. Perhaps I do not correctly understand the design of the DjangoFilterConnectionField, and I should use the usual list for output to GraphQL.

  • Have a look at https://stackoverflow.com/questions/49084322/how-to-limit-field-access-on-a-model-based-on-user-type-on-graphene-django/49283138#49283138 which may be what you need. – Mark Chackerian Jul 10 '18 at 14:18
  • This solution is not straightforward, and it suggests writing code to work with permissions. I do not quite understand how to limit reading of the field, so that any user sees his own email, but the rest are not available to him. I suppose that one of the ways to a solution lies through the use of a serializer. – Антон Игоревич Воробьев Jul 11 '18 at 04:06

0 Answers
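Added example, not part of the original question or the graphene-django project: `defer("email")` only delays loading the column, and Django fetches the value as soon as the field is read, so the restriction has to sit in a per-field resolver on the node type. The sketch shows the `resolve_email` method that would go on `UserNode`, placed here on a hypothetical class `UserNodeEmailGuard` with constructed stand-in users so it runs without Django; it assumes `email` is nullable on the node.

```python
from types import SimpleNamespace


def can_view_private(viewer, target):
    """True when `viewer` may read the private fields of `target`."""
    if viewer is None or getattr(viewer, "is_anonymous", True):
        return False
    # Superusers see everything; everyone else sees only their own row.
    return bool(viewer.is_superuser) or viewer.pk == target.pk


class UserNodeEmailGuard:
    """Hypothetical holder for the resolver that belongs on UserNode.

    graphene calls resolve_<field>(parent, info) for every selected field,
    where `parent` is the User row being serialized. The check therefore runs
    per row in `users { edges { node { email } } }` and also for relay
    `node(id: ...)` lookups, which never pass through resolve_users.
    Assumption: the field is nullable on the node (for example declared as
    email = graphene.String()); returning None for a non-null field is an error.
    """

    def resolve_email(parent, info):
        viewer = getattr(info.context, "user", None)
        return parent.email if can_view_private(viewer, parent) else None


def _user(pk, email, superuser=False, anonymous=False):
    # Constructed stand-in for a Django user object.
    return SimpleNamespace(pk=pk, email=email, is_superuser=superuser,
                           is_anonymous=anonymous)


def emails_seen_by(viewer, rows):
    """Resolve `email` for each row the way graphene would for one request."""
    info = SimpleNamespace(context=SimpleNamespace(user=viewer))
    return [UserNodeEmailGuard.resolve_email(row, info) for row in rows]


# Constructed sample rows: one superuser and one regular user.
ROWS = [_user(4, "root@example.test", superuser=True),
        _user(5, "test4@example.test")]

if __name__ == "__main__":
    print(emails_seen_by(ROWS[1], ROWS))  # regular user: own email only
    print(emails_seen_by(ROWS[0], ROWS))  # superuser: all emails
```

With the guard on the node type, `resolve_users` can return the same queryset to every authenticated user and keep only the anonymous check.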