New: Headless Commerce with Remix! read more

Allow Decorator

Allow

Attaches metadata to the resolver defining which permissions are required to execute the operation, using one or more Permission values.

In a GraphQL context, it can be applied to top-level queries and mutations as well as field resolvers.

For REST controllers, it can be applied to route handlers.

Example

 @Allow(Permission.SuperAdmin)
 @Query()
 getAdministrators() {
     // ...
 }