https://www.prisma.io/ logo
Join Slack
Channels
Powered by Linen
Title
r

rem

11/04/2017, 9:05 AM
I've found examples where permissions allow auth users to create, but anyone who is authorised can read the document
t

taikn

11/04/2017, 10:02 AM
you need to add a line to your 
graphcool.yml
like this: 
permissions:
- operation: User.read
  authenticated: true
where 
User
is the name of the type you want to set read permissions to
p

panzupa

11/04/2017, 10:10 AM
so you want authorized or authenticated user to read the document?
r

rem

11/04/2017, 10:41 AM
I want the user who created the document to be the only one who can read the document.
i.e. 
authenticated: true
allows ALL authed users to read.
which is too open for my needs.
p

panzupa

11/04/2017, 10:41 AM
authentication means that you know who that person is
authorization means you decide what she/he can do
two different conecpts
now you need to create permission query, which is basiacally a filter
query ($node_id: ID!, $user_id: ID!) {
  SomeDocumentExists(
    filter: {
      id: $node_id,
      createdBy: {
            id: $user_id
        }
      }
    )
}
more or less like that
assuming you're using builtin system type 
User
field 
createdBy
is of type 
User
query above
a

angly

11/04/2017, 11:00 AM
Isn't this just client-side restrictions?
p

panzupa

11/04/2017, 11:02 AM
this is executed inside GC so it's server side
View count: 3
Back to #prisma-whats-newJoin thread in Slack