You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If applicable, what version of Node.js are you using?
v20.11.1
Amplify CLI Version
12.12.3
What operating system are you using?
Windows 11
Did you make any manual changes to the cloud resources managed by Amplify? Please describe the changes made.
No manual changes made
Describe the bug
I tried to run a delete mutation on AWS AppSync to test if my API works, it seems that I can create a record with @auth with the tokens but it failed to delete the object I just created. I confirmed the owner of the record is the same as the one who is trying to delete the same record but it returned "Not Authorized to access deleteBlog on type Mutation" which is very strange.
Provided my schema in Reproduction steps section. Is there any misconfiguration I had made? Thank you.
Expected behavior
The mutation should allow owners of the record to delete their own records.
I can tell it is a bug since I looked at the schema at AppSync, under type Mutation, the label @aws_cognito_user_pools should be added given the schema I pushed. (I did not provide my entire schema in my post). Interestingly, if I define another table like this:
Hi @tszchung019 👋 Thanks for raising this issue. We are working on reproducing the issue. Could you please run below command and send us the report amplify diagnose --send-report. please refer here
Hey 👋 , This issue is being closed due to inactivity. If you are still experiencing the same problem and need further assistance, please feel free to leave a comment. This will enable us to reopen the issue and provide you with the necessary support.
How did you install the Amplify CLI?
npm
If applicable, what version of Node.js are you using?
v20.11.1
Amplify CLI Version
12.12.3
What operating system are you using?
Windows 11
Did you make any manual changes to the cloud resources managed by Amplify? Please describe the changes made.
No manual changes made
Describe the bug
I tried to run a delete mutation on AWS AppSync to test if my API works, it seems that I can create a record with @auth with the tokens but it failed to delete the object I just created. I confirmed the owner of the record is the same as the one who is trying to delete the same record but it returned "Not Authorized to access deleteBlog on type Mutation" which is very strange.
Provided my schema in Reproduction steps section. Is there any misconfiguration I had made? Thank you.
Expected behavior
The mutation should allow owners of the record to delete their own records.
Reproduction steps
type Blog @model @auth(rules: [{ allow: public, operations: [read] }, { allow: owner, operations: [create, update, delete] }]) {
id: ID!
name: String!
summary: String
imgPath: String
posts: [Post] @hasmany @auth(rules: [{ allow: public, operations: [read] }])
}
Project Identifier
No response
Log output
Additional information
No response
Before submitting, please confirm:
The text was updated successfully, but these errors were encountered: