VulcanJS / Vulcan

🌋 A toolkit to quickly build apps with React, GraphQL & Meteor
http://vulcanjs.org
MIT License

`Users.getReadableFields` doesn't get `document`. #2550

Closed yairtal closed 4 years ago

yairtal commented 4 years ago

```graphql
query myMovie {
  movie(input: { id: "123foo" }) {
    result {
      _id
      title
      year
    }
  }
}
```

When the above runs, the function at `canRead` on the schema does not get the document as one of the variables. The problem is that in `permissions.js`, `users.checkFields` does not get nor send `document`, so `Users.getReadableFields` doesn't get `document` and it never gets to the `canRead` function.

I'd like only the producers of this movie to know its title, so in the schema of the movie I give `title` - `canRead: restrictedPermissions`, and in `restrictedPermissions` I'd like to check if the user is a producer that works in the United States and has copyrights (or whatever), but it's impossible as I don't get the document when this query runs, because in `permissions.js`, `users.checkFields` does not get nor send `document`, so `Users.getReadableFields` doesn't get `document`.

eric-burel commented 4 years ago

Related to https://github.com/VulcanJS/Vulcan/issues/2542. We need to implement this: https://github.com/VulcanJS/Vulcan/issues/2542#issuecomment-596961794

eric-burel commented 4 years ago

As far as I understand, the issue is that `_id` has a specific permission (a custom function), and fields with a specific permission are not yet filterable (they will always be rejected before filtering can even happen).

yairtal commented 4 years ago

True for every field, as I want to give a specific permission (a custom function) to many fields. If you follow this path - `permissions.js` -> `users.checkFields` -> `Users.getReadableFields` - you'll notice the last one doesn't get `document`, so it can't check for custom permissions.
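
The two-step flow this thread asks for (check the requested fields before the fetch, then filter each fetched document), as an added sketch that is not Vulcan's code and not from the thread's participants. The schema shape, the group names, the `producerIds` field and every function name are assumptions; function rules are deferred when no document exists yet and fail closed afterwards.

```javascript
// Simplified model of field-level read permissions; NOT Vulcan's permissions.js.
// Schema shape, group names and every function name below are assumptions.
const isProducer = (user, doc) =>
  Boolean(user && (doc.producerIds || []).includes(user._id));

const movieSchema = {
  _id: { canRead: ['guests'] },
  year: { canRead: ['guests'] },
  title: { canRead: isProducer }, // needs the document to decide
  producerIds: { canRead: ['admins'] },
};

const groupsOf = user => ['guests', ...(user ? user.groups || [] : [])];

// Can `user` read `field`? Returns true, false, or 'deferred' when the rule is
// a function and no document is available yet (the pre-fetch query check).
function canReadField(user, field, doc) {
  const rule = field && field.canRead;
  if (typeof rule === 'function') {
    if (!doc) return 'deferred';
    try { return rule(user, doc) === true; } catch (e) { return false; }
  }
  return Array.isArray(rule) && rule.some(g => groupsOf(user).includes(g));
}

// Pre-fetch: reject fields that are never readable, let deferred ones through.
function checkFields(user, schema, requested) {
  return requested.every(name => canReadField(user, schema[name]) !== false);
}

// Post-fetch: keep only fields that are readable for this document.
// Anything not strictly `true` (unknown field, throwing rule) is dropped.
function restrictDocument(user, schema, doc) {
  return Object.fromEntries(
    Object.keys(doc).filter(name => canReadField(user, schema[name], doc) === true)
      .map(name => [name, doc[name]])
  );
}

// Constructed sample data.
const movie = { _id: '123foo', title: 'Secret', year: 2020, producerIds: ['u1'] };
const producer = { _id: 'u1', groups: ['members'] };
const viewer = { _id: 'u2', groups: ['members'] };
```
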