Merge branch 'auth-helpers' into 'master'

feat(middleware): add helpers for authorization middleware

Closes #1

See merge request !2

authorization.js

@@ -9,6 +9,8 @@ const {
   not,
 } = require('graphql-shield')
 
+const { isAdmin, isAuthenticated } = require('./src/helpers')
+
 module.exports = {
   rule,
   inputRule,
@@ -18,4 +20,6 @@ module.exports = {
   chain,
   or,
   not,
+  isAuthenticated,
+  isAdmin,
 }

src/graphqlSchema.js

 const config = require('config')
-
+const isEmpty = require('lodash/isEmpty')
 const { applyMiddleware } = require('graphql-middleware')
 const { shield } = require('graphql-shield')
 let schema = require('pubsweet-server/src/graphql/schema')
 
-if (config.has('permissions')) {
-  schema = applyMiddleware(schema, shield(config.get('permissions')))
+const permissions = config.has('permissions') && config.get('permissions')
+
+if (permissions && !isEmpty(permissions)) {
+  schema = applyMiddleware(schema, shield(permissions))
 }
 
 module.exports = schema

src/helpers.js

+const { rule } = require('graphql-shield')
+
+const isAuthenticated = rule()(async (parent, args, ctx, info) => {
+  return !!ctx.user
+})
+
+const isAdmin = rule()(
+  async (parent, args, { user: userId, connectors: { User } }, info) => {
+    if (!userId) {
+      return false
+    }
+
+    const user = await User.model.findById(userId)
+    return user.admin
+  },
+)
+
+module.exports = {
+  isAuthenticated,
+  isAdmin,
+}