warning Warning This chapter applies only to the code first approach.
Extensions is an advanced, low-level feature that lets you define arbitrary data in the types configuration. Attaching custom metadata to certain fields allows you to create more sophisticated, generic solutions. For example, with extensions, you can define field-level roles required to access particular fields. Such roles can be reflected at runtime to determine whether the caller has sufficient permissions to retrieve a specific field.
To attach custom metadata for a field, use the
@Extensions() decorator exported from the
In the example above, we assigned the
role metadata property the value of
Role is a simple TypeScript enum that groups all the user roles available in our system.
Note, in addition to setting metadata on fields, you can use the
@Extensions() decorator at the class level and method level (e.g., on the query handler).
Logic that leverages the custom metadata can be as complex as needed. For example, you can create a simple interceptor that stores/logs events per method invocation, or a field middleware that matches roles required to retrieve a field with the caller permissions (field-level permissions system).
For illustration purposes, let's define a
checkRoleMiddleware that compares a user's role (hardcoded here) with a role required to access a target field:
With this in place, we can register a middleware for the
password field, as follows: