forked from aws-samples/aws-serverless-airline-booking
-
Notifications
You must be signed in to change notification settings - Fork 0
/
schema.graphql
88 lines (81 loc) · 2.56 KB
/
schema.graphql
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
# Flight uses API authorization level
# and fine-grained auth to only allow authenticated users to read flights
# except users member of Admin group
type Flight
@model(subscriptions: null)
# TODO: Commenting this out until we have clear instructions on adding an user as `Admin`
## OR alternatively creating a flight as part of CI while ETL isn't done yet
# @auth(rules:[
# {allow: private, operations: [read]}
# ])
@key(name: "ByDepartureSchedule",
fields: ["departureAirportCode", "arrivalAirportCode", "departureDate"],
queryField: "getFlightBySchedule")
{
id: ID!
departureDate: String!
departureAirportCode: String!
departureAirportName: String!
departureCity: String!
departureLocale: String!
arrivalDate: String!
arrivalAirportCode: String!
arrivalAirportName: String!
arrivalCity: String!
arrivalLocale: String!
ticketPrice: Int!
ticketCurrency: String!
flightNumber: Int!
seatAllocation: Int # Disabling due to regression in amplify-cli 4.13.1: @deprecated(reason: "use seatCapacity instead. seatAllocation will be removed in the stable release.")
seatCapacity: Int!
}
# Booking uses API authorization level
# and fine-grained auth to only allow book owners to see their own bookings
# and any authenticated user member of Admin group (e.g. could be travel agency, etc.)
type Booking
@model(subscriptions: null)
@auth(rules: [
{allow: owner, ownerField: "customer", identityField: "sub", operations: [read]},
{allow: groups, groups: ["Admin"]}
])
@key(name: "ByCustomerStatus",
fields: ["customer", "status"],
queryField: "getBookingByStatus")
{
id: ID!
status: BookingStatus!
outboundFlight: Flight! @connection
paymentToken: String!
checkedIn: Boolean
customer: String
createdAt: String
bookingReference: String
}
enum BookingStatus {
UNCONFIRMED
CONFIRMED
CANCELLED
}
input CreateBookingInput {
id: ID
status: BookingStatus
paymentToken: String!
checkedIn: Boolean
customer: String
bookingOutboundFlightId: ID!
}
# Loyalty uses API authorization level
# and loyalty owner is resolved at the resolver level using auth claims
# to unlock admin use case, `customer/owner` field could be added
# NOTE: API key is used for e2e test from Loyalty backend only
type Loyalty @aws_api_key {
points: Int
level: String
remainingPoints: Int
}
type Mutation {
processBooking(input: CreateBookingInput!): Booking
}
type Query {
getLoyalty(customer: String): Loyalty @aws_api_key
}