Remove skipAccessControl from keystone.getTypeDefs() (#1592)

.changeset/gorgeous-papayas-fry/changes.json

@@ -0,0 +1,89 @@
+{
+  "releases": [{ "name": "@keystone-alpha/keystone", "type": "major" }],
+  "dependents": [
+    {
+      "name": "@keystone-alpha/api-tests",
+      "type": "patch",
+      "dependencies": [
+        "@keystone-alpha/adapter-knex",
+        "@keystone-alpha/adapter-mongoose",
+        "@keystone-alpha/test-utils",
+        "@keystone-alpha/keystone"
+      ]
+    },
+    {
+      "name": "@keystone-alpha/demo-project-blog",
+      "type": "patch",
+      "dependencies": ["@keystone-alpha/adapter-mongoose", "@keystone-alpha/keystone"]
+    },
+    {
+      "name": "@keystone-alpha/demo-project-meetup",
+      "type": "patch",
+      "dependencies": ["@keystone-alpha/adapter-mongoose", "@keystone-alpha/keystone"]
+    },
+    {
+      "name": "@keystone-alpha/demo-project-todo",
+      "type": "patch",
+      "dependencies": ["@keystone-alpha/adapter-mongoose", "@keystone-alpha/keystone"]
+    },
+    {
+      "name": "@keystone-alpha/adapter-knex",
+      "type": "patch",
+      "dependencies": ["@keystone-alpha/keystone"]
+    },
+    {
+      "name": "@keystone-alpha/adapter-mongoose",
+      "type": "patch",
+      "dependencies": ["@keystone-alpha/keystone"]
+    },
+    {
+      "name": "@keystone-alpha/example-projects-blank",
+      "type": "patch",
+      "dependencies": ["@keystone-alpha/adapter-mongoose", "@keystone-alpha/keystone"]
+    },
+    {
+      "name": "@keystone-alpha/example-projects-starter",
+      "type": "patch",
+      "dependencies": ["@keystone-alpha/adapter-mongoose", "@keystone-alpha/keystone"]
+    },
+    {
+      "name": "@keystone-alpha/example-projects-todo",
+      "type": "patch",
+      "dependencies": ["@keystone-alpha/adapter-mongoose", "@keystone-alpha/keystone"]
+    },
+    {
+      "name": "@keystone-alpha/test-utils",
+      "type": "patch",
+      "dependencies": [
+        "@keystone-alpha/adapter-knex",
+        "@keystone-alpha/adapter-mongoose",
+        "@keystone-alpha/keystone"
+      ]
+    },
+    {
+      "name": "@keystone-alpha/cypress-project-access-control",
+      "type": "patch",
+      "dependencies": ["@keystone-alpha/adapter-mongoose", "@keystone-alpha/keystone"]
+    },
+    {
+      "name": "@keystone-alpha/cypress-project-basic",
+      "type": "patch",
+      "dependencies": ["@keystone-alpha/adapter-mongoose", "@keystone-alpha/keystone"]
+    },
+    {
+      "name": "@keystone-alpha/cypress-project-client-validation",
+      "type": "patch",
+      "dependencies": ["@keystone-alpha/adapter-mongoose", "@keystone-alpha/keystone"]
+    },
+    {
+      "name": "@keystone-alpha/cypress-project-login",
+      "type": "patch",
+      "dependencies": ["@keystone-alpha/adapter-mongoose", "@keystone-alpha/keystone"]
+    },
+    {
+      "name": "@keystone-alpha/cypress-project-social-login",
+      "type": "patch",
+      "dependencies": ["@keystone-alpha/adapter-mongoose", "@keystone-alpha/keystone"]
+    }
+  ]
+}

.changeset/gorgeous-papayas-fry/changes.md

@@ -0,0 +1 @@
+Remove `skipAccessControl` option from `keystone.getTypeDefs()`, `List.getGqlTypes()`, `List.getGqlQueries()`, and `List.getGqlMutations()`.

docs/quick-start/getting-started.md

@@ -17,7 +17,6 @@ This quick start guide will get you up and running in just a few minutes. Let's
 
 ## Requirements
 
-
 Before we start, check that your computer or server meets the following requirements:
 
 - [Node.js](https://nodejs.org/) >= 10.x: Node.js is a server platform which runs JavaScript.

packages/fields/src/Implementation.js

@@ -54,10 +54,6 @@ class Field {
    *
    * NOTE: When a naming conflic occurs, a list's types/queries/mutations will
    * overwrite any auxiliary types defined by an individual type.
-   *
-   * @param options Object skipAccessControl: will be true when the types
-   * should include those that otherwise would be excluded due to access control
-   * checks.
    */
   getGqlAuxTypes() {
     return [];
@@ -66,23 +62,13 @@ class Field {
     return {};
   }
 
-  /**
-   * @param options Object skipAccessControl: will be true when the types
-   * should include those that otherwise would be excluded due to access control
-   * checks.
-   */
   getGqlAuxQueries() {
     return [];
   }
   get gqlAuxQueryResolvers() {
     return {};
   }
 
-  /**
-   * @param options Object skipAccessControl: will be true when the types
-   * should include those that otherwise would be excluded due to access control
-   * checks.
-   */
   getGqlAuxMutations() {
     return [];
   }

packages/keystone/lib/Keystone/index.js

@@ -278,7 +278,7 @@ module.exports = class Keystone {
     return { lists, name: this.name };
   }
 
-  getTypeDefs({ skipAccessControl = false } = {}) {
+  getTypeDefs() {
     // Aux lists are only there for typing and internal operations, they should
     // not have any GraphQL operations performed on them
     const firstClassLists = this.listsArray.filter(list => !list.isAuxList);
@@ -289,7 +289,7 @@ module.exports = class Keystone {
     // graphql-tools will blow up (rightly so) on duplicated types.
     // Deduping here avoids that problem.
     return [
-      ...unique(flatten(this.listsArray.map(list => list.getGqlTypes({ skipAccessControl })))),
+      ...unique(flatten(this.listsArray.map(list => list.getGqlTypes()))),
       ...unique(this._extendedTypes),
       `"""NOTE: Can be JSON, or a Boolean/Int/String
           Why not a union? GraphQL doesn't support a union including a scalar
@@ -351,7 +351,7 @@ module.exports = class Keystone {
       `type Query {
           ${unique(
             flatten([
-              ...firstClassLists.map(list => list.getGqlQueries({ skipAccessControl })),
+              ...firstClassLists.map(list => list.getGqlQueries()),
               this._extendedQueries.map(({ schema }) => schema),
             ])
           ).join('\n')}
@@ -361,7 +361,7 @@ module.exports = class Keystone {
       `type Mutation {
           ${unique(
             flatten([
-              ...firstClassLists.map(list => list.getGqlMutations({ skipAccessControl })),
+              ...firstClassLists.map(list => list.getGqlMutations()),
               this._extendedMutations.map(({ schema }) => schema),
             ])
           ).join('\n')}
@@ -495,7 +495,7 @@ module.exports = class Keystone {
     // reinsert it.
     const schema = `
       scalar Upload
-      ${this.getTypeDefs({ skipAccessControl: true }).join('\n')}
+      ${this.getTypeDefs().join('\n')}
     `;
     fs.writeFileSync(file, schema);
   }

packages/keystone/lib/List/index.js

@@ -330,18 +330,12 @@ module.exports = class List {
     };
   }
 
-  getGqlTypes({ skipAccessControl = false } = {}) {
+  getGqlTypes() {
     // https://github.com/opencrud/opencrud/blob/master/spec/2-relational/2-2-queries/2-2-3-filters.md#boolean-expressions
     const types = [];
-    if (
-      skipAccessControl ||
-      this.access.read ||
-      this.access.create ||
-      this.access.update ||
-      this.access.delete
-    ) {
+    if (this.access.read || this.access.create || this.access.update || this.access.delete) {
       types.push(
-        ...flatten(this.fields.map(field => field.getGqlAuxTypes({ skipAccessControl }))),
+        ...flatten(this.fields.map(field => field.getGqlAuxTypes())),
         `
         """ ${this.schemaDoc || 'A keystone list'} """
         type ${this.gqlNames.outputTypeName} {
@@ -355,7 +349,7 @@ module.exports = class List {
           _label_: String
           ${flatten(
             this.fields
-              .filter(field => skipAccessControl || field.access.read) // If it's globally set to false, makes sense to never show it
+              .filter(field => field.access.read) // If it's globally set to false, makes sense to never show it
               .map(field =>
                 field.schemaDoc
                   ? `""" ${field.schemaDoc} """ ${field.gqlOutputFields}`
@@ -371,7 +365,7 @@ module.exports = class List {
 
           ${flatten(
             this.fields
-              .filter(field => skipAccessControl || field.access.read) // If it's globally set to false, makes sense to never show it
+              .filter(field => field.access.read) // If it's globally set to false, makes sense to never show it
               .map(field => field.gqlQueryInputFields)
           ).join('\n')}
         }`,
@@ -383,13 +377,13 @@ module.exports = class List {
       );
     }
 
-    if (skipAccessControl || this.access.update) {
+    if (this.access.update) {
       types.push(`
         input ${this.gqlNames.updateInputName} {
           ${flatten(
             this.fields
               .filter(({ path }) => path !== 'id') // Exclude the id fields update types
-              .filter(field => skipAccessControl || field.access.update) // If it's globally set to false, makes sense to never let it be updated
+              .filter(field => field.access.update) // If it's globally set to false, makes sense to never let it be updated
               .map(field => field.gqlUpdateInputFields)
           ).join('\n')}
         }
@@ -402,13 +396,13 @@ module.exports = class List {
       `);
     }
 
-    if (skipAccessControl || this.access.create) {
+    if (this.access.create) {
       types.push(`
         input ${this.gqlNames.createInputName} {
           ${flatten(
             this.fields
               .filter(({ path }) => path !== 'id') // Exclude the id fields create types
-              .filter(field => skipAccessControl || field.access.create) // If it's globally set to false, makes sense to never let it be created
+              .filter(field => field.access.create) // If it's globally set to false, makes sense to never let it be created
               .map(field => field.gqlCreateInputFields)
           ).join('\n')}
         }
@@ -455,15 +449,13 @@ module.exports = class List {
     ];
   }
 
-  getGqlQueries({ skipAccessControl = false } = {}) {
+  getGqlQueries() {
     // All the auxiliary queries the fields want to add
-    const queries = flatten(
-      this.fields.map(field => field.getGqlAuxQueries({ skipAccessControl }))
-    );
+    const queries = flatten(this.fields.map(field => field.getGqlAuxQueries()));
 
     // If `read` is either `true`, or a function (we don't care what the result
     // of the function is, that'll get executed at a later time)
-    if (skipAccessControl || this.access.read) {
+    if (this.access.read) {
       queries.push(
         `
         """ Search for all ${this.gqlNames.outputTypeName} items which match the where clause. """
@@ -580,14 +572,12 @@ module.exports = class List {
     return objMerge(this.fields.map(field => field.gqlAuxMutationResolvers));
   }
 
-  getGqlMutations({ skipAccessControl = false } = {}) {
-    const mutations = flatten(
-      this.fields.map(field => field.getGqlAuxMutations({ skipAccessControl }))
-    );
+  getGqlMutations() {
+    const mutations = flatten(this.fields.map(field => field.getGqlAuxMutations()));
 
     // NOTE: We only check for truthy as it could be `true`, or a function (the
     // function is executed later in the resolver)
-    if (skipAccessControl || this.access.create) {
+    if (this.access.create) {
       mutations.push(`
         """ Create a single ${this.gqlNames.outputTypeName} item. """
         ${this.gqlNames.createMutationName}(
@@ -603,7 +593,7 @@ module.exports = class List {
       `);
     }
 
-    if (skipAccessControl || this.access.update) {
+    if (this.access.update) {
       mutations.push(`
       """ Update a single ${this.gqlNames.outputTypeName} item by ID. """
         ${this.gqlNames.updateMutationName}(
@@ -620,7 +610,7 @@ module.exports = class List {
       `);
     }
 
-    if (skipAccessControl || this.access.delete) {
+    if (this.access.delete) {
       mutations.push(`
         """ Delete a single ${this.gqlNames.outputTypeName} item by ID. """
         ${this.gqlNames.deleteMutationName}(