Hi @jascodes , a trick exists with Graphql API. If you know how deep your role hierarchy is. You can design a GraphQL that can reflect the hierarchy here (a tested example).
Created a: Role Admin, Role Manager, Role User
Manager Role is linked into the User roles relation
Admin Role is linked into the Manager roles relation
In parse the hierarchy is inverted, so you need to think not like Admin → Manager → User but like: User → Manager → Admin
So in our query we try to find the user id linked in the Admin Role users relation with 3 level deep search.
You can achieve this with the following graphql query
query level3RoleCheck($userId: ID!) {
roles(
where: {
roles: {
have: {
roles: { have: { users: { have: { id: { equalTo: $userId } } } } }
}
}
}
) {
edges {
node {
name
roles {
edges {
node {
name
roles {
edges {
node {
name
}
}
}
}
}
}
}
}
}
}
Response
{
"data": {
"roles": {
"edges": [
{
"node": {
"name": "User",
"roles": {
"edges": [
{
"node": {
"name": "Manager",
"roles": {
"edges": [
{
"node": {
"name": "Admin"
}
}
]
}
}
}
]
}
}
}
]
}
}
}
Here an example for a level 2 check (you only need to change the where)
query level2RoleCheck($userId: ID!) {
roles(
where: {
roles: { have: { users: { have: { id: { equalTo: $userId } } } } }
}
) {
edges {
node {
name
roles {
edges {
node {
name
roles {
edges {
node {
name
}
}
}
}
}
}
}
}
}
}
Note: This is a non optimal way to handle security. As i understand you add the Role pointer on the Chatroom object, i can suggest to add the Role in Chatroom ACLs (and linked ressources ACls like messages of the chatroom), then parse will filter objects for you.
Using beforeFind could be tedious to maintain.