scaphold-io / scaphold-issues

Post issues that you find on Scaphold here. Post anything about the platform, docs, boilerplates, etc... Happy Scapholding!

getX doesn't return error messages on bad auth #12

Closed brandonmp closed 7 years ago

brandonmp commented 7 years ago

I have a type Wayhome with Authenticated permissions on all fields. The responses from unauthenticated requests vary depending on how I reach the type.

If they are in fact different responses, they should be normalized, I think.

this query

query q {
  viewer {
    allWayhomes {
      edges {
        node {
          id
        }
      }
    }
  }
}

returns this error

{
  "errors": [
    {
      "message": "Permission Error. User failed authorization for 1 permissions and does not have access to Viewer.allWayhomes. The permissions had the following scopes: [AUTHENTICATED]",
      "locations": [
        {
          "line": 3,
          "column": 5
        }
      ],
      "path": [
        "viewer",
        "allWayhomes"
      ],
      "status": 403,
      "name": "PermissionError"
    }
  ]
}

however, this query:

query q($id: ID!) {
  getWayhome(id: $id) {
    id
  }
}

with variables:

{
  "id": "V2F5aG9tZTox"
}

returns this:

{}

aputinski commented 7 years ago

In my case it's actually returning the data for the query, so it seems like permissions are being ignored when calling get outside of viewer.

aputinski commented 7 years ago

It seems the inconsistent permission error is also happening when a query makes a request on a type that has a role-based permission and the request was made unauthenticated.

Running the following query unauthenticated

{
  viewer {
    user {
      id
    }
  }
}

Returns the following response

{
  "data": {
    "viewer": {
      "user": null
    }
  }
}

I would have expected an error.

mikeparisstuff commented 7 years ago

The permissions issue has been fixed. As for the user returning null, that was a design decision, as throwing an error caused problems for some client tools like Apollo. The null on user is a special case for the logged-in user and will return null for unauthenticated requests. I will close this issue.
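The root cause reported in this thread (a type-level permission enforced on the viewer path but skipped on the root get path) and the maintainer's viewer.user special case, as an added example that is not Scaphold's code. The resolver names, the permission table and the record store are constructed assumptions; the point is that one authorize() routine must run on every entry point to a protected type, and the isConsistent() check is what a tester would run to catch the discrepancy.

```javascript
// Constructed example (not Scaphold's code): the per-type permission table and
// the records behind it mirror the issue's Wayhome type with AUTHENTICATED scope.
const PERMISSIONS = { Wayhome: ['AUTHENTICATED'] };
const DB = { Wayhome: { V2F5aG9tZTox: { id: 'V2F5aG9tZTox' } } };

class PermissionError extends Error {
  constructor(field, scopes) {
    super(`Permission Error. User does not have access to ${field}. Scopes: [${scopes.join(', ')}]`);
    this.name = 'PermissionError';
    this.status = 403;
  }
}

// One authorization routine that every resolver touching a type must call.
function authorize(ctx, typeName, field) {
  const scopes = PERMISSIONS[typeName] || [];
  if (scopes.includes('AUTHENTICATED') && !ctx.user) throw new PermissionError(field, scopes);
}

// Shape reported in the issue: only the viewer path checks, so getWayhome leaks data.
const buggyResolvers = {
  viewerAllWayhomes: (ctx) => { authorize(ctx, 'Wayhome', 'Viewer.allWayhomes'); return Object.values(DB.Wayhome); },
  getWayhome: (ctx, id) => DB.Wayhome[id] || null,
};

// Fixed shape: both entry points go through authorize(); viewer.user keeps the maintainer's special case (null, not an error).
const fixedResolvers = {
  viewerAllWayhomes: buggyResolvers.viewerAllWayhomes,
  getWayhome: (ctx, id) => { authorize(ctx, 'Wayhome', 'getWayhome'); return DB.Wayhome[id] || null; },
  viewerUser: (ctx) => ctx.user || null,
};

// Run a resolver the way a GraphQL server does: errors land in `errors`, not thrown.
function execute(resolvers, name, ctx, ...args) {
  try {
    return { data: resolvers[name](ctx, ...args) };
  } catch (e) {
    return { data: null, errors: [{ message: e.message, status: e.status, name: e.name }] };
  }
}

// Consistency check: every entry point to a protected type must answer an
// unauthenticated request the same way (both deny, or both allow).
function isConsistent(resolvers) {
  const anon = { user: null };
  const viaViewer = execute(resolvers, 'viewerAllWayhomes', anon);
  const viaGet = execute(resolvers, 'getWayhome', anon, 'V2F5aG9tZTox');
  return Boolean(viaViewer.errors) === Boolean(viaGet.errors);
}
```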