Open binarycombinatrix opened 3 weeks ago
Hey,👋 thanks for raising this! I'm going to transfer this over to our API repository for better assistance 🙂
Hey @binarycombinatrix, When using field-level authorization, you must grant at least read permissions to the remaining fields. I've noticed that the category
, debate
, description
, url
, thumbnail
, dp
, dn
, and username
fields in the Video
model are missing permissions. Please modify the fields as shown below and let me know if this resolves your issue.
Video: a
.model({
partitionKey: a
.string()
.required()
.authorization((allow) => [
allow.publicApiKey().to(["read"]),
allow.owner(),
]),
sortKey: a
.string()
.required()
.authorization((allow) => [
allow.publicApiKey().to(["read"]),
allow.owner(),
]), ////video title or username + uuidv1
type: a
.string()
.required()
.authorization((allow) => [
allow.publicApiKey().to(["read"]),
allow.owner(),
]), ///specify type to avoid confusion
category: a
.string()
.authorization((allow) => [allow.publicApiKey().to(["read"])]),
debate: a
.json()
.array()
.authorization((allow) => [allow.publicApiKey().to(["read"])]), ///debate of the video
description: a
.string()
.authorization((allow) => [allow.publicApiKey().to(["read"])]), ///channel or video description
url: a
.string()
.authorization((allow) => [allow.publicApiKey().to(["read"])]), ///video url
thumbnail: a
.string()
.authorization((allow) => [allow.publicApiKey().to(["read"])]), ///video thumbnail
dp: a
.string()
.authorization((allow) => [allow.publicApiKey().to(["read"])]), ///user dp can store in both cases,
comment: a
.ref("Comment")
.array()
.authorization((allow) => [
allow.publicApiKey().to(["read"]),
allow.authenticated(),
]), ///only in case of video
dn: a
.string()
.authorization((allow) => [allow.publicApiKey().to(["read"])]), //display name
username: a
.string()
.authorization((allow) => [allow.publicApiKey().to(["read"])]),
})
.identifier(["partitionKey", "sortKey"])
.authorization((allow) => [
// allow.publicApiKey(),
allow.publicApiKey().to(["read"]),
// Allow signed-in user to create, read, update,
// and delete their __OWN__ posts.
allow.owner(),
]),
Hi @AnilMaktala did you try running your version? Those other fields are not required fields and so do not require field level auth, as the model level authorization applies to them and I added publicApi read to it already.
The error too says the issue is with required fields.
Environment information
Description
Even after specifying field level authorization for all required fields, it says required fields missing field-level authorization rules: below is the schema file amplify/data/resource.ts
The error from the terminal is as below:
Failed to instantiate data construct