You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@access(query = AuthContext.role == "ADMIN" || AuthContext.id == self.id, mutation = AuthContext.role == "ADMIN" || AuthContext.id == self.id)
model User {
id: Int @pk @autoincrement
name: String
membership: Membership?
}
@access(query = AuthContext.role == "ADMIN" || AuthContext.id == self.user.id, mutation = AuthContext.role == "ADMIN" || AuthContext.id == self.user.id)
model Membership {
id: Int @pk @autoincrement
kind: String
user: User
spouseInfo: String // In real app, more detailed
}
Here we will like users to edit their membership only to the extend of updating the spouseInfo. In other words, users should not be able to assign their membership to another user or change the kind (those must be done by an admin).
Another example:
@access(self.published || AuthContext.role == "admin")
type Concert {
@pk id ...
notes: String @auth(AuthContext.role == "admin").
}
Here, notes should be accessible only to "admin"s regardless of if the concert is published.
The text was updated successfully, but these errors were encountered:
Support field-level access control in the same way as type-level access control to allow expression models such as:
```exo
@postgres
module ProductDatabase {
@access(query = true, mutation = AuthContext.role == "admin")
type Product {
@pk id: Int = autoIncrement()
name: String
salePrice: Float
@access(AuthContext.role == "admin")
purchasePrice: Float
}
}
```
Fixes#59
A specific use case:
Here we will like users to edit their membership only to the extend of updating the
spouseInfo
. In other words, users should not be able to assign their membership to another user or change the kind (those must be done by an admin).Another example:
Here,
notes
should be accessible only to "admin"s regardless of if the concert is published.The text was updated successfully, but these errors were encountered: