I ve found examples where permissions allow auth users to cr Prisma #prisma-whats-new

I've found examples where permissions allow auth u...

rem

11/04/2017, 9:05 AM

I've found examples where permissions allow auth users to create, but anyone who is authorised can read the document

taikn

11/04/2017, 10:02 AM

you need to add a line to your

graphcool.yml

like this:

Copy code

permissions:
- operation: User.read
  authenticated: true

where

User

is the name of the type you want to set read permissions to

panzupa

11/04/2017, 10:10 AM

so you want authorized or authenticated user to read the document?

rem

11/04/2017, 10:41 AM

I want the user who created the document to be the only one who can read the document.

rem

11/04/2017, 10:41 AM

i.e.

authenticated: true

allows ALL authed users to read.

rem

11/04/2017, 10:41 AM

which is too open for my needs.

panzupa

11/04/2017, 10:41 AM

authentication means that you know who that person is

panzupa

11/04/2017, 10:42 AM

authorization means you decide what she/he can do

panzupa

11/04/2017, 10:42 AM

two different conecpts

panzupa

11/04/2017, 10:42 AM

now you need to create permission query, which is basiacally a filter

panzupa

11/04/2017, 10:44 AM

Copy code

query ($node_id: ID!, $user_id: ID!) {
  SomeDocumentExists(
    filter: {
      id: $node_id,
      createdBy: {
            id: $user_id
        }
      }
    )
}

panzupa

11/04/2017, 10:44 AM

more or less like that

panzupa

11/04/2017, 10:45 AM

assuming you're using builtin system type

User

panzupa

11/04/2017, 10:46 AM

field

createdBy

is of type

User

query above

angly

11/04/2017, 11:00 AM

Isn't this just client-side restrictions?

panzupa

11/04/2017, 11:02 AM

this is executed inside GC so it's server side

3 Views

Open in Slack

Previous Next