【发布时间】:2021-09-28 14:47:01
【问题描述】:
我正在使用 React + NextJs 并实现了 Amplify Graphql。我已登录并将当前用户设置为管理员组,但是,我无法根据 authorId 更改数据。
登录的userId是1234(例如)
type Xp
@model
@key(name: "xpsByUserId", fields: ["authorId"])
@auth(
rules: [
{ allow: owner, ownerField: "authorId" }
{ allow: public, operations: [read] }
{ allow: private, operations: [read] }
]
) {
id: ID!
authorId: ID!
author: User @connection(fields: ["authorId"])
name: String
visibility: Visibility
post: [Post] @connection(name: "XpPosts")
createdAt: String
}
尝试变异:
mutation MyMutation {
createXp(input: {authorId: "1234", name: "fdsfa"}) {
id
name
author {
username
}
}
}
我收到一条消息:Not Authorized to access createXp on type Xp
这是我的用户类型:
type User
@model(subscriptions: null)
@key(fields: ["userId"])
@auth(
rules: [
{ allow: groups, groups: ["Admin"] }
{ allow: owner, ownerField: "userId" }
{ allow: private, operations: [read] }
]
) {
userId: ID!
username: String!
email: String!
posts: [Post] @connection(keyName: "postsByUserId", fields: ["userId"])
xps: [Xp] @connection(keyName: "xpsByUserId", fields: ["userId"])
createdAt: String
updatedAt: String
following: [Following] @connection(keyName: "followingByUserId", fields: ["userId"])
}
我在这里做错了什么?
【问题讨论】:
-
您正在测试的用户,它的认知子是否与您传递给突变的 authorId 相对应? owner 字段将 cognito sub 与您传入的内容/ownerField 中的内容相匹配。如果这不起作用,您能否尝试在 xp 模型和 allow: owner 行中更新您的 amplify graphql 模式,并检查是否有效:{ allow: owner, ownerField: "authorId", operations: [创建、读取、更新、删除] }
标签: reactjs graphql amazon-dynamodb next.js aws-amplify