Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

GraphQL dynamic groupsField not working if type of group is list

0

I am trying to create a project for internal employees to give permission based on groupsField.

I have referred the AWS documentation for dynamic permission, but it's not working in my case.

Here's relevant part of graphql schema

type something
@auth(
  rules: [

             { allow: groups, groups: ["Admin"] }
             { allow: groups, groupsField: "groupRead", operations: [read] }
             { allow: public }



]
)
  @model
  @searchable
{
  id: ID!
  phone: String
  email: String
  groupRead: [String!]

}

If I try to search the result from my front-end side and in AppSync, it's not allowing me search anything and give back empty array of items.

Two errors:

Not authorized to access the list gives back empty result

But if I change to groupRead: String!

Then it works for front-end as well as in AppSync. But In this case, for dynamoDB I can not assign more than one value to groupRead. As an admin I want to give them more than one department read permission.

All static group permissions are working perfectly fine, for instance Admin.

Goal: groupRead should be type of list, so in DynamoDB I can pass multiple value to groupRead.

Temas
Sin servidorWeb y móvil front-endIntegración de aplicacionesSeguridad, identidad y cumplimientoBase de datos
Etiquetas
AWS AppSyncAmazon CognitoAmazon DynamoDB
Idioma
English
rePost-User-1856738
preguntada hace un año80 visualizaciones
No hay respuestas

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante