search

zenstackhq / zenstack

Fullstack TypeScript toolkit that enhances Prisma ORM with flexible Authorization layer for RBAC/ABAC/PBAC/ReBAC, offering auto-generated type-safe APIs and frontend hooks.
https://zenstack.dev
MIT License
2.13k stars 88 forks source link

[BUG] @@auth doesn't work if a User model is defined #1694

Open onimitch opened 1 month ago

onimitch commented 1 month ago

Description and expected behavior If you specify @@auth on a model but also have a User model defined, Zenstack uses the User model for the AuthUser type.

model AuthUser {
    @@auth
    id String @id
}

model User {
    id String @id @default(cuid())
}

With the models above, enhance expects a type matching User despite me marking AuthUser as @@auth.

Currently my workaround is to not use @@auth, and name my AuthUser model User, but that's forced me to name my "real" User model to something else, which I don't want to do.

model User {
    id String @id
}

model RealUser {
    id String @id @default(cuid())
}

Expected behaviour

I can use @@auth on a Model and still define a User model myself.

Environment (please complete the following information)

onimitch commented 1 month ago

I've also just noticed that with this set up:

model User {
    @@ignore
    id String @id
}

model RealUser {
    id String @id @default(cuid())
}

The type of user in enhance call is simply Record<string, unknown>. It would be nice if Zenstack could still generate the correct type based on the Model fields.

onimitch commented 1 month ago

OK going to edit the bug. It looks like @@ignore is a red herring. @@auth simply doesn't work if you have a model called User.