c# – .NET 6, GraphQL, MongoDB – modifying incoming query and validating with particular sub-schema

I’m having a problem with building my Web API in .NET6

So, basicly I want to build a system on MongoDb where there is a particular schema of many different collections. Then there are developers that create their applications with data based on my platform and customers that can register into those applications. Also different applications require different collections and their fields.

So when an app is making a GraphQL request to my platform API I want to make sure that it gets/sets only the allowed type of collections and fields(using the sub-schema for validation) as well as they fetch only the collections that belong to customers that registered their app. Example
For example, App1 only can fetch data of Collection 1 and 2 and only for Customer 1 and 2.

My question is how to add to incoming GraphQL query the statement that every collection’s owner(customer) registers app with provided ID? Because right now I have a Controller and JWT Authentication so I know which app makes a query and I have that query as string. Now I need to modify it, as specified before, and make a request to mongoDB Apollo.

What I’ve tried is that using GraphQL package I map incoming graphql string into the GraphQLRequest object:

var movieRequest = new GraphQL.GraphQLRequest
            {
                Query = graphqlStr
            };

Now I don’t know to “how to add to incoming GraphQL query the statement that every collection’s owner(customer) registers app with provided ID”
Like, I have an app ID of the app that makes a request from JWT and every collection in my MongoDB have “ownedBy” field, and Customers collection has “registers” field that is an array with all registered applications.
Also if you are pro in mongoDb, maybe there is a way to set it up in App Service of Atlas?

Read more here: Source link