Graphene-django get_node vs get_queryset

I'm currently getting acquainted with graphene-django and there's one aspect of it I'm not quite getting my head around.

I would like to let my users use GraphQL to query our database. I would like them to be able to filter their results by attribute values, so I am providing my models as a ThingNode with filter_fields and interfaces = (relay.Node, ) rather than as a ThingType.

Now, all examples I could find tell me to overload get_node() if I want to interact with the output, for instance in order to check for the user's permissions. However my implementation, as I have it working now, never gets past get_node(), but instead uses get_queryset(). I've looked into existing packages that offer permission management, such as django-graphene-permissions but this also hooks into get_node().

I am now unsure if I should just put my permission checks into ThingNode.get_queryset() instead, or is the fact that my code deviates from all the examples I find means that I'm setting this up the wrong way altogether.

If anyone could give me some hints on this I'd be massively grateful!

Back to Top