The first thing we can notice is that directives must be declared before they are used within the schema. As a good rule of thumb, position their declarations at the beginning.
Both directives are tied to the FIELD_DEFINITION location; this determines where the directive can be used within the schema, and in fact you can see we decorated the password
and the salary
fields in the respective types with the two directives.
The @sc_hidden
directive we define here will prevent a field value to be sent out in query responses.
This shows us a first alteration of the GraphQL schema behavior; this use case starts showing us exactly what directives are for.
Directives can even accept arguments, pretty much like functions do, as we can see into @sc_required_role
: the behavior we want to add to the schema is the decorated field’s value being accessible if and only if the user has the proper authorization role.