Graphql - 无权访问来自 AWS AppSync Amplify 控制台的错误消息

IT技术 reactjs graphql amazon-dynamodb next.js aws-amplify
2021-05-14 04:58:06

我正在使用 React + NextJs 并实现了 Amplify Graphql。我已登录并将当前用户设置为管理员组,但是,我无法根据 authorId 更改数据。

登录的用户 ID 为1234(例如)

type Xp
  @model
  @key(name: "xpsByUserId", fields: ["authorId"])
  @auth(
    rules: [
      { allow: owner, ownerField: "authorId" }
      { allow: public, operations: [read] }
      { allow: private, operations: [read] }
    ]
  ) {
  id: ID!
  authorId: ID!
  author: User @connection(fields: ["authorId"])
  name: String
  visibility: Visibility
  post: [Post] @connection(name: "XpPosts")
  createdAt: String
}

尝试变异:

mutation MyMutation {
  createXp(input: {authorId: "1234", name: "fdsfa"}) {
    id
    name
    author {
      username
    }
  }
}

我收到一条消息: Not Authorized to access createXp on type Xp

这是我的用户类型:

type User
  @model(subscriptions: null)
  @key(fields: ["userId"])
  @auth(
    rules: [
      { allow: groups, groups: ["Admin"] }
      { allow: owner, ownerField: "userId" }
      { allow: private, operations: [read] }
    ]
  ) {
  userId: ID!
  username: String!
  email: String!
  posts: [Post] @connection(keyName: "postsByUserId", fields: ["userId"])
  xps: [Xp] @connection(keyName: "xpsByUserId", fields: ["userId"])
  createdAt: String
  updatedAt: String
  following: [Following] @connection(keyName: "followingByUserId", fields: ["userId"])
}

我在这里做错了什么?

1个回答

尝试按照链接在 Xp 模型中提及身份验证规则,如下所示

type Xp
  @model
  @key(name: "xpsByUserId", fields: ["authorId"])
  @auth(
    rules: [
      { allow: owner, ownerField: "authorId", operations: [create, delete, read, update] },
      { allow: groups, groups: ["Admin"], operations: [create, delete, read, update]  },
      { allow: public, operations: [read] },
      { allow: private, operations: [read] }
    ]
  ) {
  id: ID!
  authorId: ID!
  author: User @connection(fields: ["authorId"])
  name: String
  visibility: Visibility
  post: [Post] @connection(name: "XpPosts")
  createdAt: String
}