Revert "Make authorizer work for nested relations"

[TriPSs]

Reverts #355

Summary by CodeRabbit

• New Features

  • Added standardized cursor-based paging and response types (PageInfo, ConnectionCursor, DeleteManyResponse, UpdateManyResponse, SubTaskDeleteResponse).
  • Introduced relation-level authorization filters in relation resolvers for more consistent filtering.

• Refactor

  • Removed SubSubTask from the auth example (schema, relations, queries/mutations, module) and simplified data seeding to SubTasks only.

• Chores

  • Streamlined authorization exports and typings; removed deprecated authorizer export.

• Tests

  • Removed nested SubSubTask test; minor GraphQL query formatting adjustments.

[coderabbitai]

Walkthrough

Removed SubSubTask feature from the auth example (entities, DTOs, module, schema, tests, fixtures). Simplified data seeding to create only SubTasks. In query-graphql, refactored relation authorization: dropped DI-based authorizers, added decorator-provided relation filters, adjusted Authorizer interface generics, and removed getAuthorizerToken export.

Changes

Cohort / File(s)	Summary
Auth example: remove SubSubTask feature examples/auth/schema.gql	Eliminated all SubSubTask types, inputs, queries, mutations, and aggregations; added generic paging types (DeleteManyResponse, UpdateManyResponse, SubTaskDeleteResponse, PageInfo, ConnectionCursor); updated SubTask surfaces accordingly.
Auth example: module and entities cleanup examples/auth/src/app.module.ts, examples/auth/src/sub-sub-task/*, examples/auth/src/sub-task/sub-task.entity.ts, examples/auth/src/sub-task/dto/sub-task.dto.ts	Removed SubSubTaskModule, DTO, entity, and resolver wiring; deleted SubTask ↔ SubSubTask relation and related imports; dropped UnPagedRelation from SubTaskDTO.
Auth example: tests and fixtures examples/auth/e2e/todo-item.resolver.spec.ts, examples/auth/e2e/fixtures.ts	Removed nested subSubTasks test; minor query formatting tweaks; simplified seeding to only create SubTasks, removing SubSubTask creation.
GraphQL auth API: interface and exports packages/query-graphql/src/auth/authorizer.ts, packages/query-graphql/src/index.ts	Made Authorizer.authorizeRelation non-generic and return Promise<Filter
GraphQL resolvers: relation auth flow packages/query-graphql/src/resolvers/relations/read-relations.resolver.ts, packages/query-graphql/src/resolvers/relations/aggregate-relations.resolver.ts	Replaced DI-based relation authorizer logic with decorator-injected RelationAuthorizerFilter parameters (for READ, one/many); merged relationFilter into queries; removed authorizer injections and related imports.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant Client
  participant Resolver as Relation Resolver (OLD)
  participant Authz as Authorizer (DI)
  participant Svc as Query Service

  Client->>Resolver: read relation (one/many)
  Resolver->>Authz: authorizeRelation(relationName, ctx, authCtx)
  Authz-->>Resolver: Filter<Relation> | undefined
  Resolver->>Svc: query(baseFilter ⊓ authFilter)
  Svc-->>Resolver: results
  Resolver-->>Client: results

Loading

sequenceDiagram
  autonumber
  participant Client
  participant Resolver as Relation Resolver (NEW)
  participant Decor as @RelationAuthorizerFilter
  participant Svc as Query Service

  Client->>Resolver: read relation (one/many, relationFilter injected)
  Note over Resolver,Decor: Decorator provides relationFilter at call time
  Resolver->>Svc: query(baseFilter ⊓ relationFilter)
  Svc-->>Resolver: results
  Resolver-->>Client: results

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

I nibbled the code, a layer untold,
SubSubTasks hop off the trail so bold.
Filters now glide where DI once stood,
Relations align—sleek, simple, good.
With paws on the keys and ears in the air,
I ship this patch—light, fast, and fair. 🥕✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title succinctly indicates that this pull request reverts the previous change which enabled the authorizer for nested relations, directly reflecting the removal of nested authorization logic and related sub-sub-task code in this changeset.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch revert-355-enable-nested-auth

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5d716c3 and b6ee1d1.

📒 Files selected for processing (13)

• examples/auth/e2e/fixtures.ts (1 hunks)
• examples/auth/e2e/todo-item.resolver.spec.ts (3 hunks)
• examples/auth/schema.gql (4 hunks)
• examples/auth/src/app.module.ts (0 hunks)
• examples/auth/src/sub-sub-task/dto/sub-sub-task.dto.ts (0 hunks)
• examples/auth/src/sub-sub-task/sub-sub-task.entity.ts (0 hunks)
• examples/auth/src/sub-sub-task/sub-sub-task.module.ts (0 hunks)
• examples/auth/src/sub-task/dto/sub-task.dto.ts (1 hunks)
• examples/auth/src/sub-task/sub-task.entity.ts (0 hunks)
• packages/query-graphql/src/auth/authorizer.ts (1 hunks)
• packages/query-graphql/src/index.ts (1 hunks)
• packages/query-graphql/src/resolvers/relations/aggregate-relations.resolver.ts (3 hunks)
• packages/query-graphql/src/resolvers/relations/read-relations.resolver.ts (4 hunks)

💤 Files with no reviewable changes (5)

• examples/auth/src/sub-sub-task/sub-sub-task.module.ts
• examples/auth/src/sub-sub-task/sub-sub-task.entity.ts
• examples/auth/src/sub-task/sub-task.entity.ts
• examples/auth/src/app.module.ts
• examples/auth/src/sub-sub-task/dto/sub-sub-task.dto.ts

🧰 Additional context used

🧬 Code graph analysis (3)

packages/query-graphql/src/resolvers/relations/read-relations.resolver.ts (2)

packages/query-graphql/src/decorators/authorize-filter.decorator.ts (1)

• RelationAuthorizerFilter (64-75)

packages/core/src/helpers/query.helpers.ts (1)

• mergeQuery (34-40)

examples/auth/e2e/fixtures.ts (1)

examples/fetch-all-with-negative/e2e/fixtures.ts (1)

• todoItems (9-9)

packages/query-graphql/src/resolvers/relations/aggregate-relations.resolver.ts (1)

packages/query-graphql/src/decorators/authorize-filter.decorator.ts (1)

• RelationAuthorizerFilter (64-75)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)

• GitHub Check: check (22.x, test)
• GitHub Check: check (22.x, lint)
• GitHub Check: check (23.x, test)
• GitHub Check: e2e-test (20.x, mysql)
• GitHub Check: e2e-test (21.x, postgres)
• GitHub Check: e2e-test (20.x, postgres)
• GitHub Check: e2e-test (21.x, mysql)

🔇 Additional comments (4)

examples/auth/e2e/todo-item.resolver.spec.ts (1)

623-623: LGTM! Cosmetic formatting changes.

The added space after the opening brace in the GraphQL query strings is a minor formatting adjustment with no semantic impact.

Also applies to: 650-650, 677-677

examples/auth/src/sub-task/dto/sub-task.dto.ts (1)

2-2: LGTM! Import cleanup aligns with SubSubTask removal.

Removing UnPagedRelation from the imports is correct since SubSubTask relations have been removed from this DTO. The import list now accurately reflects what's used in the file.

examples/auth/e2e/fixtures.ts (1)

53-63: LGTM! Simplified fixture setup.

The refactoring successfully flattens the two-stage subtask/sub-subtask creation into a single-pass reduction. The logic correctly creates 3 subtasks per todo item with proper parent and owner linkage. The type annotation Partial<SubTaskEntity>[] appropriately matches TypeORM's repository.save() signature.

examples/auth/schema.gql (1)

179-180: LGTM! Standard GraphQL types added.

The auto-generated schema correctly adds standard GraphQL types:

• ConnectionCursor scalar for cursor-based pagination
• DeleteManyResponse and UpdateManyResponse for bulk operation results
• PageInfo for connection pagination metadata

These are necessary infrastructure types to support the simplified schema after SubSubTask removal.

Also applies to: 459-462, 476-501

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[nx-cloud]

View your CI Pipeline Execution ↗ for commit b6ee1d1

Command	Status	Duration	Result
nx run-many --target=e2e --all	✅ Succeeded	2m 1s	View ↗
nx run-many --target=test --all	✅ Succeeded	2m 13s	View ↗
nx run-many --target=lint --all	✅ Succeeded	1m 7s	View ↗
nx run-many --target=build --all	✅ Succeeded	12s	View ↗
nx run workspace:version	✅ Succeeded	<1s	View ↗

---

☁️ Nx Cloud last updated this comment at 2025-10-06 07:37:28 UTC