Closed GraemeFulton closed 2 years ago
❌ Deploy Preview for vulcan-npm failed.
🔨 Explore the source changes: e812208e7c15b23f3483c31c58065f44084b2a94
🔍 Inspect the deploy log: https://app.netlify.com/sites/vulcan-npm/deploys/61cf02b744d5c1000868380b
I think the issue is upper: the "fields" array should not contain the operators in the first place, but a list of all the fields in the selector (including nested ones). Also, I am not sure why we do this check against the actual Mongo selector ($and) and not the Graphql selector (_and) but there might be a good reason (like handling views/parameters)
Solved in 0.4.11, the default query resolver was getting the wrong fields to test
GraphQL filters such as
_and
,_or
or_not
throws a permissions issue: "You don't have permission to filter model Letter by the following fields: $and. Field is not readable or do not exist." it looks like it's being treated as a field?to reproduce issue, try an _and query, something like this in /api/graphql:
This patch will check if the permissions diff is an graphQl operator, and allow the query to continue if so.