Open jewells07 opened 1 month ago
You are defining price as required, which means it must never be null. But it will be null if someone lacks read permission, hence the conflict.
A solution is to either make price optional, or add a field level permission allowing everyone to read that field.
Hey @jewells07, Thanks for raising this. We are trying to reproduce the issue. Will you be able to share the full schema?
You are defining price as required, which means it must never be null. But it will be null if someone lacks read permission, hence the conflict.
A solution is to either make price optional, or add a field level permission allowing everyone to read that field.
It has required so on create it won't be null but in read why we need it? Example: If I book a flight, why would I need to show it to all users? Similar goes to the message: I should not give read permission of messages to all users
Hey @jewells07, Thanks for raising this. We are trying to reproduce the issue. Will you be able to share the full schema?
Booking: a
.model({
slug: a
.string()
.required()
.authorization((allow) => [
allow.authenticated().to(['create', 'read']),
allow.owner().to(['read']),
allow.group('Admin').to(['create', 'read']),
]),
price: a.float().required(),
})
.authorization((allow) => [
allow.authenticated().to(['create']),
allow.owner().to(['read']),
allow.group('Admin'),
]),
Hey @jewells07, Thanks for sharing the model. Currently, this is not supported. Hence, marking this as a feature request for the team to evaluate further.
I'm also interested in this use case being supported.
How did you install the Amplify CLI?
npm
If applicable, what version of Node.js are you using?
v20.14.0
Amplify CLI Version
12.12.2
What operating system are you using?
Windows
Did you make any manual changes to the cloud resources managed by Amplify? Please describe the changes made.
No manual changes made
Describe the bug
It forces us to give read permission to all authorizations. Above code I need to add read permission to allow.authenticated().to(['read', 'create']).
Expected behavior
Only Owner and Admins should read the Booking and all authenticated users
Reproduction steps
Booking: a .model({ .... price: a.float().required(), ..... }) .authorization((allow) => [ allow.authenticated().to([ 'create']), allow.owner().to(['read']), allow.group('Admin'), ])
Project Identifier
No response
Log output
Additional information
No response
Before submitting, please confirm: