Complete the code to define a role-based access control directive in GraphQL schema.
directive @auth(role: String!) on [1]The @auth directive is applied on field definitions to enforce role checks on specific fields.
Complete the resolver function to check if user role matches the required role.
if (user.role !== [1]) { throw new Error('Access denied'); }
The required role is typically passed in the context for access control checks.
Fix the error in the directive resolver to correctly get the role argument.
const role = directiveNode.arguments.find(arg => arg.name.value === [1]).value.value;The argument name is a string literal, so it must be enclosed in quotes.
Fill both blanks to define a GraphQL schema with a protected query field using the auth directive.
"" type Query { secretData: String [1] @auth(role: [2]) } """
The field is non-nullable (hence !) and the auth directive requires the role "ADMIN".
Fill all three blanks to implement a resolver that checks user role and returns data if authorized.
const resolver = (parent, args, context, info) => {
if (context.user.role !== [1]) {
throw new Error([2]);
}
return [3];
};The resolver checks if the user role is "ADMIN", throws an error message "Access denied" if not, and returns the secret data from parent.secretData.