Are there any plans to add more granular error mes...
# prisma-whats-newl
lastmjs
10/04/2017, 8:14 PMAre there any plans to add more granular error messages when a query fails its permission query?
lastmjs
10/04/2017, 8:15 PMI would like to take action based off of which exact permissions are failing, but I can't because the error messages pretty much just tell you that you have insufficient permissions
a
agartha
10/04/2017, 8:15 PMI think that's by design, because you do not want to leak any information to the user regarding that.
l
lastmjs
10/04/2017, 8:15 PMHmmmm...okay, I'll have to think about that
lastmjs
10/04/2017, 8:33 PMWhy does it matter if the user has that information? If using tokens correctly, what harm could it cause?
a
agartha
10/04/2017, 8:34 PMI query for a user, I get an insufficient permission error, I know nothing. Now, with more verbose messages, I get back: Insufficient permissions to access details from this user, because this user does not belong to your organization. Now, I suddenly now that the user actually exists. Just an example.
👍 1
2 Views