--------------------
Permissions classes now use a `FieldExtension`. The new preferred way to add permissions
is to use the `PermissionsExtension` class:
python
import strawberry
from strawberry.permission import PermissionExtension, BasePermission
class IsAuthorized(BasePermission):
message = "User is not authorized"
error_extensions = {"code": "UNAUTHORIZED"}
def has_permission(self, source, info, **kwargs) -> bool:
return False
strawberry.type
class Query:
strawberry.field(extensions=[PermissionExtension(permissions=[IsAuthorized()])])
def name(self) -> str:
return "ABC"
The old way of adding permissions using `permission_classes` is still
supported via the automatic addition of a `PermissionExtension` on the field.
⚠️ Breaking changes
Previously the `kwargs` argument keys for the `has_permission` method were
using camel casing (depending on your schema configuration), now they will
always follow the python name defined in your resolvers.
python
class IsAuthorized(BasePermission):
message = "User is not authorized"
def has_permission(
self, source, info, **kwargs: typing.Any
) -> bool: pragma: no cover
kwargs will have a key called "a_key"
instead of `aKey`
return False
strawberry.type
class Query:
strawberry.field(permission_classes=[IsAuthorized])
def name(self, a_key: str) -> str: pragma: no cover
return "Erik"
Using the new `PermissionExtension` API, permissions support even more features:
Silent errors
To return `None` or `[]` instead of raising an error, the `fail_silently ` keyword
argument on `PermissionExtension` can be set to `True`.
Custom Error Extensions & classes
Permissions will now automatically add pre-defined error extensions to the error, and
can use a custom `GraphQLError` class. This can be configured by modifying
the `error_class` and `error_extensions` attributes on the `BasePermission` class.
Customizable Error Handling
To customize the error handling, the `on_unauthorized` method on
the `BasePermission` class can be used. Further changes can be implemented by
subclassing the `PermissionExtension` class.
Schema Directives
Permissions will automatically be added as schema directives to the schema. This
behavior can be altered by setting the `add_directives` to `False`
on `PermissionExtension`, or by setting the `_schema_directive` class attribute of the
permission to a custom directive.
Contributed by [Erik Wrede](https://github.com/erikwrede) via [PR #2570](https://github.com/strawberry-graphql/strawberry/pull/2570/)