Auth0 Home Blog Docs

Authorization Series - Pt 3: Dynamic Authorization with GraphQL and Rules

Build a Flask and GraphQL quidditch management system that uses Auth0 rules to implement ABAC and GBAC.

Read on :ferris_wheel:

Brought to you by @holly :woman_technologist:t2:

Let us know if you have any questions regarding that!

  axios({
    url: 'https://4ee74187.ngrok.io/graphql',
    method: 'post',
    data: {
      query: `
        {
          getPlayer(name: "${name}") {
            name
            position
            year
          }
        }
        `
    }
   })

Where does the year come from? I cannot see it in db schema, is this an other API?

Hey there!

Thanks for reporting that! year is a property for Player object but it’s missing in the db. @holly can you take a look at that? Is there something we’re missing from the tutorial?

Good catch @huyennbl. The year field is in the file models.py and then populated in seeder.txt. That screenshot of the database structure was taken before I added it to the app, so a little outdated, but the code itself should be working. Updating the image now, thanks!

1 Like

Perfect! Thanks a lot for that @holly!