After a good nights sleep, we’re back at it again.
In the last chapter we installed
prisma-binding to use our data access layer within our service. We sketched out some APIs users will use to interact with it as well. If you want to get caught up on this series, checkout Part 1 here, Part 2 here, and Part 3 here.
Just like the last post, I’m going to write code and write this post at the same time!
Back at it
So when I woke up this morning, I realized that we have all these APIs to access data in our system with the assumption that the units we are selling actually exist! But we don’t have any SKUs, nor do we have any Pricing tables setup in our app.
So before we get into building out the user facing apis, I’m going to sketch out the apis our system moderators will use to add Skus to the ecosystem. Our service does not have any special knowledge about users or permissions, but what we’re going to say is if the incoming request has a header of
system-role: MODERATOR then we’ll allow our server to process these “backdoor” apis.
I’m going to go back to my GraphQL server and add this role to my context.
Now all my resolvers can check if the current request was made by a moderator.
We’ll add a mutation to our types that looks like this:
# import SkuCreateInput from '../generated/prisma.graphql';addSku(sku: SkuCreateInput): Sku
Prisma actually already generated an api like this, but we’re going to wrap it solely for the permission check.
As you can see when creating this sku, we didn’t have a role passed through headers, and we get an error! YASSSSSS.
Okay, lets try this proper now:
Boom, let there be credits.
I’m going to do the same for updating a sku:
# import SkuUpdateInput from '../generated/prisma.graphql';updateSku(skuId: ID!, sku: SkuUpdateInput!): Sku
Last moderator API I’ll make is wrapping creating a pricing table
# import PricingTable from '../generated/prisma.graphql'createPricingTable(pricingTableId: ID!, description: String!, skuIds: [ID!]!): PricingTable
SOLID. Man, that was so easy. We got up these apis so quickly, mainly because Prisma did all the hard work for me. In the next chapter, we’re going to seed out a real use case using these moderation apis. Then we’ll tackle the user facing APIs that will allow us to create transactions and buy credits.