fix(example,auth): Fix auth example

examples/auth/src/app.module.ts

@@ -17,8 +17,8 @@ import { UserModule } from './user/user.module';
     }),
     AuthModule,
     UserModule,
-    SubTaskModule,
     TodoItemModule,
+    SubTaskModule,
     TagModule,
   ],
 })

examples/auth/src/sub-task/dto/sub-task.dto.ts

@@ -1,10 +1,12 @@
-import { FilterableField, FilterableRelation, CRUDAuth } from '@nestjs-query/query-graphql';
+import { FilterableField, FilterableRelation, Authorize, Relation } from '@nestjs-query/query-graphql';
 import { ObjectType, ID, GraphQLISODateTime } from '@nestjs/graphql';
 import { TodoItemDTO } from '../../todo-item/dto/todo-item.dto';
-import { UserContext } from '../../auth/auth.interfaces';
+import { SubTaskAuthorizer } from '../sub-task.authorizer';
+import { UserDTO } from '../../user/user.dto';
 
 @ObjectType('SubTask')
-@CRUDAuth({ filter: (context: UserContext) => ({ ownerId: { eq: context.req.user.id } }) })
+@Authorize(SubTaskAuthorizer)
+@Relation('owner', () => UserDTO, { disableRemove: true, disableUpdate: true })
 @FilterableRelation('todoItem', () => TodoItemDTO, { disableRemove: true })
 export class SubTaskDTO {
   @FilterableField(() => ID)
@@ -33,4 +35,7 @@ export class SubTaskDTO {
 
   @FilterableField({ nullable: true })
   updatedBy?: string;
+
+  // dont expose in graphql
+  ownerId!: number;
 }

examples/auth/src/sub-task/sub-task.authorizer.ts

@@ -0,0 +1,17 @@
+import { Authorizer } from '@nestjs-query/query-graphql';
+import { Filter } from '@nestjs-query/core';
+import { UserContext } from '../auth/auth.interfaces';
+import { SubTaskDTO } from './dto/sub-task.dto';
+
+export class SubTaskAuthorizer implements Authorizer<SubTaskDTO> {
+  authorize(context: UserContext): Promise<Filter<SubTaskDTO>> {
+    return Promise.resolve({ ownerId: { eq: context.req.user.id } });
+  }
+
+  authorizeRelation(relationName: string, context: UserContext): Promise<Filter<unknown>> {
+    if (relationName === 'todoItem') {
+      return Promise.resolve({ ownerId: { eq: context.req.user.id } });
+    }
+    return Promise.resolve({});
+  }
+}

examples/auth/src/todo-item/dto/todo-item.dto.ts

@@ -1,13 +1,13 @@
-import { FilterableField, FilterableConnection, FilterableRelation, CRUDAuth } from '@nestjs-query/query-graphql';
+import { FilterableField, FilterableConnection, Authorize, Relation } from '@nestjs-query/query-graphql';
 import { ObjectType, ID, GraphQLISODateTime, Field } from '@nestjs/graphql';
 import { SubTaskDTO } from '../../sub-task/dto/sub-task.dto';
 import { TagDTO } from '../../tag/dto/tag.dto';
 import { UserDTO } from '../../user/user.dto';
 import { UserContext } from '../../auth/auth.interfaces';
 
 @ObjectType('TodoItem')
-@CRUDAuth({ filter: (context: UserContext) => ({ ownerId: { eq: context.req.user.id } }) })
-@FilterableRelation('owner', () => UserDTO, { disableRemove: true, disableUpdate: true })
+@Authorize({ authorize: (context: UserContext) => ({ ownerId: { eq: context.req.user.id } }) })
+@Relation('owner', () => UserDTO, { disableRemove: true, disableUpdate: true })
 @FilterableConnection('subTasks', () => SubTaskDTO, { disableRemove: true })
 @FilterableConnection('tags', () => TagDTO)
 export class TodoItemDTO {