Skip to content

Instantly share code, notes, and snippets.

@darahayes
Last active April 20, 2020 10:08
Show Gist options
  • Save darahayes/072627f41706731eb1809692b6aab1d6 to your computer and use it in GitHub Desktop.
Save darahayes/072627f41706731eb1809692b6aab1d6 to your computer and use it in GitHub Desktop.
input CreateNoteInput {
id: ID
content: String!
_version: Int
}
input CreateTaskInput {
id: ID
title: String!
description: String
status: String
_version: Int
}
input DeleteNoteInput {
id: ID
_version: Int
}
input DeleteTaskInput {
id: ID
_version: Int
}
enum ModelAttributeTypes {
binary
binarySet
bool
list
map
number
numberSet
string
stringSet
_null
}
input ModelBooleanInput {
ne: Boolean
eq: Boolean
attributeExists: Boolean
attributeType: ModelAttributeTypes
}
input ModelFloatInput {
ne: Float
eq: Float
le: Float
lt: Float
ge: Float
gt: Float
between: [Float]
attributeExists: Boolean
attributeType: ModelAttributeTypes
}
input ModelIDInput {
ne: ID
eq: ID
le: ID
lt: ID
ge: ID
gt: ID
contains: ID
notContains: ID
between: [ID]
beginsWith: ID
attributeExists: Boolean
attributeType: ModelAttributeTypes
size: ModelSizeInput
}
input ModelIntInput {
ne: Int
eq: Int
le: Int
lt: Int
ge: Int
gt: Int
between: [Int]
attributeExists: Boolean
attributeType: ModelAttributeTypes
}
input ModelNoteConditionInput {
content: ModelStringInput
and: [ModelNoteConditionInput]
or: [ModelNoteConditionInput]
not: ModelNoteConditionInput
}
type ModelNoteConnection {
items: [Note]
nextToken: String
startedAt: AWSTimestamp
}
input ModelNoteFilterInput {
id: ModelIDInput
content: ModelStringInput
and: [ModelNoteFilterInput]
or: [ModelNoteFilterInput]
not: ModelNoteFilterInput
}
input ModelSizeInput {
ne: Int
eq: Int
le: Int
lt: Int
ge: Int
gt: Int
between: [Int]
}
enum ModelSortDirection {
ASC
DESC
}
input ModelStringInput {
ne: String
eq: String
le: String
lt: String
ge: String
gt: String
contains: String
notContains: String
between: [String]
beginsWith: String
attributeExists: Boolean
attributeType: ModelAttributeTypes
size: ModelSizeInput
}
input ModelTaskConditionInput {
title: ModelStringInput
description: ModelStringInput
status: ModelStringInput
and: [ModelTaskConditionInput]
or: [ModelTaskConditionInput]
not: ModelTaskConditionInput
}
type ModelTaskConnection {
items: [Task]
nextToken: String
startedAt: AWSTimestamp
}
input ModelTaskFilterInput {
id: ModelIDInput
title: ModelStringInput
description: ModelStringInput
status: ModelStringInput
and: [ModelTaskFilterInput]
or: [ModelTaskFilterInput]
not: ModelTaskFilterInput
}
type Mutation {
createTask(input: CreateTaskInput!, condition: ModelTaskConditionInput): Task
updateTask(input: UpdateTaskInput!, condition: ModelTaskConditionInput): Task
deleteTask(input: DeleteTaskInput!, condition: ModelTaskConditionInput): Task
createNote(input: CreateNoteInput!, condition: ModelNoteConditionInput): Note
updateNote(input: UpdateNoteInput!, condition: ModelNoteConditionInput): Note
deleteNote(input: DeleteNoteInput!, condition: ModelNoteConditionInput): Note
}
type Note {
id: ID!
content: String!
_version: Int!
_deleted: Boolean
_lastChangedAt: AWSTimestamp!
owner: String
}
type Query {
syncTasks(
filter: ModelTaskFilterInput,
limit: Int,
nextToken: String,
lastSync: AWSTimestamp
): ModelTaskConnection
getTask(id: ID!): Task
listTasks(filter: ModelTaskFilterInput, limit: Int, nextToken: String): ModelTaskConnection
syncNotes(
filter: ModelNoteFilterInput,
limit: Int,
nextToken: String,
lastSync: AWSTimestamp
): ModelNoteConnection
getNote(id: ID!): Note
listNotes(filter: ModelNoteFilterInput, limit: Int, nextToken: String): ModelNoteConnection
}
type Subscription {
onCreateTask: Task
@aws_subscribe(mutations: ["createTask"])
onUpdateTask: Task
@aws_subscribe(mutations: ["updateTask"])
onDeleteTask: Task
@aws_subscribe(mutations: ["deleteTask"])
onCreateNote(owner: String): Note
@aws_subscribe(mutations: ["createNote"])
onUpdateNote(owner: String): Note
@aws_subscribe(mutations: ["updateNote"])
onDeleteNote(owner: String): Note
@aws_subscribe(mutations: ["deleteNote"])
}
type Task {
id: ID!
title: String!
description: String
status: String
_version: Int!
_deleted: Boolean
_lastChangedAt: AWSTimestamp!
}
input UpdateNoteInput {
id: ID!
content: String
_version: Int
}
input UpdateTaskInput {
id: ID!
title: String
description: String
status: String
_version: Int
}
#set( $limit = $util.defaultIfNull($context.args.limit, 10) )
#set( $ListRequest = {
"version": "2018-05-29",
"limit": $limit
} )
#if( $context.args.nextToken )
#set( $ListRequest.nextToken = $context.args.nextToken )
#end
#if( $context.args.filter )
#set( $ListRequest.filter = $util.parseJson("$util.transform.toDynamoDBFilterExpression($ctx.args.filter)") )
#end
#if( !$util.isNull($modelQueryExpression)
&& !$util.isNullOrEmpty($modelQueryExpression.expression) )
$util.qr($ListRequest.put("operation", "Query"))
$util.qr($ListRequest.put("query", $modelQueryExpression))
#if( !$util.isNull($ctx.args.sortDirection) && $ctx.args.sortDirection == "DESC" )
#set( $ListRequest.scanIndexForward = false )
#else
#set( $ListRequest.scanIndexForward = true )
#end
#else
$util.qr($ListRequest.put("operation", "Scan"))
#end
$util.toJson($ListRequest)
## [Start] Determine request authentication mode **
#if( $util.isNullOrEmpty($authMode) && !$util.isNull($ctx.identity) && !$util.isNull($ctx.identity.sub) && !$util.isNull($ctx.identity.issuer) && !$util.isNull($ctx.identity.username) && !$util.isNull($ctx.identity.claims) && !$util.isNull($ctx.identity.sourceIp) && !$util.isNull($ctx.identity.defaultAuthStrategy) )
#set( $authMode = "userPools" )
#end
## [End] Determine request authentication mode **
## [Start] Check authMode and execute owner/group checks **
#if( $authMode == "userPools" )
## [Start] Static Group Authorization Checks **
#set($isStaticGroupAuthorized = $util.defaultIfNull(
$isStaticGroupAuthorized, false))
## Authorization rule: { allow: groups, groups: ["Admin"], groupClaim: "cognito:groups" } **
#set( $userGroups = $util.defaultIfNull($ctx.identity.claims.get("cognito:groups"), []) )
#set( $allowedGroups = ["Admin"] )
#foreach( $userGroup in $userGroups )
#if( $allowedGroups.contains($userGroup) )
#set( $isStaticGroupAuthorized = true )
#break
#end
#end
## [End] Static Group Authorization Checks **
## [Start] If not static group authorized, filter items **
#if( !$isStaticGroupAuthorized )
#set( $items = [] )
#foreach( $item in $ctx.result.items )
## No Dynamic Group Authorization Rules **
## [Start] Owner Authorization Checks **
#set( $isLocalOwnerAuthorized = false )
## Authorization rule: { allow: owner, ownerField: "owner", identityClaim: "cognito:username" } **
#set( $allowedOwners0 = $item.owner )
#set( $identityValue = $util.defaultIfNull($ctx.identity.claims.get("username"), $util.defaultIfNull($ctx.identity.claims.get("cognito:username"), "___xamznone____")) )
#if( $util.isList($allowedOwners0) )
#foreach( $allowedOwner in $allowedOwners0 )
#if( $allowedOwner == $identityValue )
#set( $isLocalOwnerAuthorized = true )
#end
#end
#end
#if( $util.isString($allowedOwners0) )
#if( $allowedOwners0 == $identityValue )
#set( $isLocalOwnerAuthorized = true )
#end
#end
## [End] Owner Authorization Checks **
#if( ($isLocalDynamicGroupAuthorized == true || $isLocalOwnerAuthorized == true) )
$util.qr($items.add($item))
#end
#end
#set( $ctx.result.items = $items )
#end
## [End] If not static group authorized, filter items **
#end
## [End] Check authMode and execute owner/group checks **
#if( $ctx.error )
$util.error($ctx.error.message, $ctx.error.type, $ctx.result)
#else
$util.toJson($ctx.result)
#end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment