With GraphQL-Ruby, it’s possible to hide parts of your schema from some users. This isn’t exactly part of the GraphQL spec, but it’s roughly within the bounds of the spec.
Here are some reasons you might want to hide parts of your schema:
You can customize the visibility of parts of your schema by reimplementing various visible? methods:
.visible?(context) class method#visible?(context) instance method#visible?(context) instance method.visible?(context) class methodThese methods are called with the query context, based on the hash you pass as context:. If the method returns false, then that member of the schema will be treated as though it doesn’t exist for the entirety of the query. That is:
Let’s say you’re working on a new feature which should remain secret for a while. You can implement .visible? in a type:
class Types::SecretFeature < Types::BaseObject
def self.visible?(context)
# only show it to users with the secret_feature enabled
super && context[:viewer].feature_enabled?(:secret_feature)
end
end
(Always call super to inherit the default behavior.)
Now, the following bits of GraphQL will return validation errors:
SecretFeature, eg query { findSecretFeature { ... } }SecretFeature, eg Fragment SF on SecretFeatureAnd in introspection:
__schema { types { ... } } will not include SecretFeature__type(name: "SecretFeature") will return nilSecretFeature will not include itSecretFeature will be excluded from introspection