Skip to content

Bump strawberry-graphql[fastapi] from 0.216.1 to 0.217.0

Ronan Amicel requested to merge dependabot-pip-strawberry-graphql-fastapi--0.217.0 into main

Bumps strawberry-graphql[fastapi] from 0.216.1 to 0.217.0.

Release notes

Sourced from strawberry-graphql[fastapi]'s releases.

🍓 0.217.0

Permissions classes now use a FieldExtension. The new preferred way to add permissions is to use the PermissionsExtension class:

import strawberry
from strawberry.permission import PermissionExtension, BasePermission
class IsAuthorized(BasePermission):
message = "User is not authorized"
error_extensions = {"code": "UNAUTHORIZED"}
def has_permission(self, source, info, **kwargs) -> bool:
    return False

@strawberry.type
class Query:
@strawberry.field(extensions=[PermissionExtension(permissions=[IsAuthorized()])])
def name(self) -> str:
return "ABC"

The old way of adding permissions using permission_classes is still supported via the automatic addition of a PermissionExtension on the field.

Using the new PermissionExtension API, permissions support even more features:

Silent errors

To return None or [] instead of raising an error, the fail_silently keyword argument on PermissionExtension can be set to True.

Custom Error Extensions & classes

Permissions will now automatically add pre-defined error extensions to the error, and can use a custom GraphQLError class. This can be configured by modifying the error_class and error_extensions attributes on the BasePermission class.

Customizable Error Handling

To customize the error handling, the on_unauthorized method on the BasePermission class can be used. Further changes can be implemented by subclassing the PermissionExtension class.

Schema Directives

Permissions will automatically be added as schema directives to the schema. This behavior can be altered by setting the add_directives to False

... (truncated)

Changelog

Sourced from strawberry-graphql[fastapi]'s changelog.

0.217.0 - 2023-12-18

Permissions classes now use a FieldExtension. The new preferred way to add permissions is to use the PermissionsExtension class:

import strawberry
from strawberry.permission import PermissionExtension, BasePermission
class IsAuthorized(BasePermission):
message = "User is not authorized"
error_extensions = {"code": "UNAUTHORIZED"}
def has_permission(self, source, info, **kwargs) -> bool:
    return False

@strawberry.type
class Query:
@strawberry.field(extensions=[PermissionExtension(permissions=[IsAuthorized()])])
def name(self) -> str:
return "ABC"

The old way of adding permissions using permission_classes is still supported via the automatic addition of a PermissionExtension on the field.

Using the new PermissionExtension API, permissions support even more features:

Silent errors

To return None or [] instead of raising an error, the fail_silently keyword argument on PermissionExtension can be set to True.

Custom Error Extensions & classes

Permissions will now automatically add pre-defined error extensions to the error, and can use a custom GraphQLError class. This can be configured by modifying the error_class and error_extensions attributes on the BasePermission class.

Customizable Error Handling

To customize the error handling, the on_unauthorized method on the BasePermission class can be used. Further changes can be implemented by subclassing the PermissionExtension class.

Schema Directives

... (truncated)

Commits

Merge request reports