Permissions per object like in DRF and django-guardian
sgaseretto opened this issue · 1 comments
What do you suggest in order to handle permissions per object for queries and mutations? Like, for example, you implement a project management software where each user can participate in different projects and have a different role in each project, like SCRUM Master, Product Owner, and Developer. One user can be in different projects and have a different role for each project that will allow him to do different kinds of queries and mutations in each project.
Does graphene-django offer something like this or are there any known packages that can be use in orther to achieve this with graphql?
This question is probably best addressed in the graphene-django project. I'm personally using the decorator method shown by @crucialfelix here.