strapi/packages/strapi-plugin-users-permissions/config/schema.graphql

module.exports = {
  type: {
    UsersPermissionsPermission: false // Make this type NOT queriable.
  },
  resolver: {
    Query: {
      role: {
        resolverOf: 'UsersPermissions.getRole',
        resolver: async (obj, options, ctx) => {
          await strapi.plugins['users-permissions'].controllers.userspermissions.getRole(ctx);

          return ctx.body.role;
        }
      },
      roles: {
        description: `Retrieve all the existing roles. You can't apply filters on this query.`,
        resolverOf: 'UsersPermissions.getRoles', // Apply the `getRoles` permissions on the resolver.
        resolver: async (obj, options, ctx) => {
          await strapi.plugins['users-permissions'].controllers.userspermissions.getRoles(ctx);

          return ctx.body.roles;
        }
      }
    }
  }
};