search

aws-amplify / amplify-category-api

The AWS Amplify CLI is a toolchain for simplifying serverless web and mobile development. This plugin provides functionality for the API category, allowing for the creation and management of GraphQL and REST based backends for your amplify project.
https://docs.amplify.aws/
Apache License 2.0
89 stars 79 forks source link

[Gen 2] Mutations triggered from lambdas are broken #2658

Closed kekami closed 4 months ago

kekami commented 4 months ago

Environment information

System:
  OS: macOS 14.5
  CPU: (10) arm64 Apple M1 Max
  Memory: 164.77 MB / 32.00 GB
  Shell: /bin/zsh
Binaries:
  Node: 20.14.0 - ~/.nvm/versions/node/v20.14.0/bin/node
  Yarn: 3.8.2 - /opt/homebrew/bin/yarn
  npm: 10.7.0 - ~/.nvm/versions/node/v20.14.0/bin/npm
  pnpm: 8.15.6 - /opt/homebrew/bin/pnpm
NPM Packages:
  @aws-amplify/backend: 1.0.3
  @aws-amplify/backend-cli: 1.0.4
  aws-amplify: 6.3.6
  aws-cdk: 2.147.0
  aws-cdk-lib: 2.147.0
  typescript: 5.3.3
AWS environment variables:
  AWS_SDK_LOAD_CONFIG = 1
  AWS_STS_REGIONAL_ENDPOINTS = regional
  AWS_NODEJS_CONNECTION_REUSE_ENABLED = 1
No CDK environment variables

Data packages

├─┬ @aws-amplify/backend-cli@1.0.4
│ └─┬ @aws-amplify/schema-generator@1.0.0
│   └── @aws-amplify/graphql-schema-generator@0.8.6
└─┬ @aws-amplify/backend@1.0.3
  └─┬ @aws-amplify/backend-data@1.0.2
    └── @aws-amplify/data-construct@1.8.5

Description

Related to #2636 I presume, but it also affects gen2.

In https://docs.amplify.aws/react/build-a-backend/data/customize-authz/grant-lambda-function-access-to-api/ we are supposed to use npx ampx generate graphql-client-code to generate the GraphQL client code to access data, however the generated code also tries to fetch related fields resulting in errors being thrown.

Eg.

export const createTimeReport = /* GraphQL */ `mutation CreateTimeReport(
  $condition: ModelTimeReportConditionInput
  $input: CreateTimeReportInput!
) {
  createTimeReport(condition: $condition, input: $input) {
    created_at
    creator_id
    end_time
    id
    invoice_id
    note
    owners
    rut_category
    salary_id
    service_agreement {
      billing_detail_id
      created_at
      customer_id
      end_date
      id
      owners
      rut_users
      start_date
      updated_at
      user_group_id
      worker_id
      __typename
    }
    service_agreement_id
    shift {
      created_at
      end_time
      id
      owners
      service_agreement_id
      start_time
      updated_at
      worker_id
      __typename
    }
    shift_id
    start_time
    status
    updated_at
    worker {
      additional_emails
      city
      created_at
      email
      first_name
      full_name
      id
      identity_verified
      internal_note
      owner
      phone_number
      postal_code
      role
      sex
      street_address
      surname
      updated_at
      user_id
      __typename
    }
    worker_id
    __typename
  }
}
` as GeneratedMutation<
  APITypes.CreateTimeReportMutationVariables,
  APITypes.CreateTimeReportMutation
>;

Error:

{
    "data": {
        "createTimeReport": {
            "created_at": "2024-06-23T19:18:37.668Z",
            "creator_id": null,
            "end_time": "2024-06-23T18:00:00.496Z",
            "id": "71d6c5bc-6659-4e07-b28f-08ed5836a400",
            "invoice_id": null,
            "note": null,
            "owners": [
                "fde8d0a3-0911-4e5f-809e-3aa0e11245c2"
            ],
            "rut_category": null,
            "salary_id": null,
            "service_agreement": null,
            "service_agreement_id": "4e09ea2e-dbbb-48ea-8625-887ee3e397d6",
            "shift": null,
            "shift_id": null,
            "start_time": "2024-06-23T15:00:00.496Z",
            "status": "pending",
            "updated_at": "2024-06-23T19:18:37.668Z",
            "worker": null,
            "worker_id": "fde8d0a3-0911-4e5f-809e-3aa0e11245c2",
            "__typename": "TimeReport"
        }
    },
    "errors": [
        {
            "path": [
                "createTimeReport",
                "service_agreement",
                "id"
            ],
            "locations": null,
            "message": "Cannot return null for non-nullable type: 'ID' within parent 'ServiceAgreement' (/createTimeReport/service_agreement/id)"
        },
        {
            "path": [
                "createTimeReport",
                "shift",
                "end_time"
            ],
            "locations": null,
            "message": "Cannot return null for non-nullable type: 'AWSDateTime' within parent 'Shift' (/createTimeReport/shift/end_time)"
        },
        {
            "path": [
                "createTimeReport",
                "shift",
                "id"
            ],
            "locations": null,
            "message": "Cannot return null for non-nullable type: 'ID' within parent 'Shift' (/createTimeReport/shift/id)"
        },
        {
            "path": [
                "createTimeReport",
                "service_agreement",
                "worker_id"
            ],
            "locations": null,
            "message": "Cannot return null for non-nullable type: 'ID' within parent 'ServiceAgreement' (/createTimeReport/service_agreement/worker_id)"
        },
        {
            "path": [
                "createTimeReport",
                "shift",
                "service_agreement_id"
            ],
            "locations": null,
            "message": "Cannot return null for non-nullable type: 'ID' within parent 'Shift' (/createTimeReport/shift/service_agreement_id)"
        },
        {
            "path": [
                "createTimeReport",
                "shift",
                "start_time"
            ],
            "locations": null,
            "message": "Cannot return null for non-nullable type: 'AWSDateTime' within parent 'Shift' (/createTimeReport/shift/start_time)"
        },
        {
            "path": [
                "createTimeReport",
                "shift",
                "worker_id"
            ],
            "locations": null,
            "message": "Cannot return null for non-nullable type: 'ID' within parent 'Shift' (/createTimeReport/shift/worker_id)"
        },
        {
            "path": [
                "createTimeReport",
                "worker",
                "id"
            ],
            "locations": null,
            "message": "Cannot return null for non-nullable type: 'ID' within parent 'User' (/createTimeReport/worker/id)"
        },
        {
            "path": [
                "createTimeReport",
                "worker",
                "role"
            ],
            "locations": null,
            "message": "Cannot return null for non-nullable type: 'String' within parent 'User' (/createTimeReport/worker/role)"
        }
    ]
}
phani-srikar commented 4 months ago

This is related to the new security improvement we released. More details found in https://github.com/aws-amplify/amplify-category-api/issues/2636

chrisbonifacio commented 4 months ago

This might also help if using generated graphql statements in Gen 2:

npx ampx generate graphql-client-code --statement-max-depth=1
chrisbonifacio commented 4 months ago

Please see the updates to the following docs:

github-actions[bot] commented 4 months ago

This issue is now closed. Comments on closed issues are hard for our team to see. If you need more assistance, please open a new issue that references this one.

DeezNutz2 commented 4 months ago

Considering how this has broken prod for customers, will the COE be public?