-
Notifications
You must be signed in to change notification settings - Fork 72
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(graphql-auth-transformer): @auth allow more granular access rights for read #23
Conversation
packages/amplify-graphql-auth-transformer/src/graphql-auth-transformer.ts
Outdated
Show resolved
Hide resolved
packages/amplify-graphql-auth-transformer/src/utils/constants.ts
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Couple minor comments, but overall LGTM
packages/amplify-graphql-auth-transformer/src/__tests__/auth-operations.test.ts
Show resolved
Hide resolved
Hi @Voyager-Two, thank you for reporting this, we're currently investigating it |
@lazpavel I believe I need to add this custom directive and change |
Hi @Voyager-Two, the issue is that even the |
Description of changes
Customers can specify get and list operations in authorization rules.
“{offending operation}” operation is specified in addition to “read”. Either remove “read” to limit access only to “{offending operation}” or only keep “read” to grant both “get” and “list” access.
Issue #9240
Description of how you validated changes
yarn test
passesChecklist
yarn test
passesBy submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.