View more context



@_config.php @null Another approach if you don’t want an extra HTTP request is just to output a meta tag containing the token (<meta name="csrf-token" content="{$SecurityID}" />)


The simplest solutions are often the best @kinglozzer 😄

💯 (1)
Nemanja Karadzic

I have a data object with many-many relation to member. How can I easily filter output of readNamespacedObjectsto include only those that are connected to currently logged in member and not all of them?

  1. query readMember(ID: 5) {
  2. FirstName
  3. Surname
  4. SomeManyMany {
  5. SomeField
  6. }
  7. }
Nemanja Karadzic

sure... but SomeManyMany needs to be exposed as well and if you hit that endpoint... you get all of them

Nemanja Karadzic

if you define canView on an object, it will be called only once and on a new instance of the object