Amplify-cli: Unauthorized error with @connection
Describe the bug
I have received a permission error from AppSync on @connection fields.
Amplify CLI Version
4.23.3 (latest)
To Reproduce
Schema example
type Customer
@searchable
@key(fields: ["id"])
@model
@auth(rules: [{ allow: owner, ownerField: "id", operations: [read, create, update] }]) {
id: ID!
name: String
customerParameters: CustomerParameters @connection(fields: ["id"])
createdAt: AWSDateTime
updatedAt: AWSDateTime
}
type CustomerParameters
@key(fields: ["id"])
@model
@auth(rules: [{ allow: owner, ownerField: "id", operations: [read, create, update] }]) {
id: ID!
value: String!
customer: Customer @connection(fields: ["id"])
}
Query
query query {
getCustomer(id:"123") {
id
name
customerParameters {
id
}
}
}
Response
Version 4.23.3 (latest) it's not working
{
"data": {
"getCustomer": {
"id": "123",
"name": "My Customer",
"customerParameters": null
}
},
"errors": [
{
"path": [
"getCustomer",
"customerParameters"
],
"data": null,
"errorType": "Unauthorized",
"errorInfo": null,
"locations": [
{
"line": 5,
"column": 5,
"sourceName": null
}
],
"message": "Not Authorized to access customerParameters on type Customer"
}
]
}
Expected behavior
Version 4.22.0 it's working
{
"data": {
"getCustomer": {
"id": "123",
"name": "Customer Name"
"customerParameters": null
}
}
}
Desktop (please complete the following information):
The build is being done at Amplify Console.
Additional context
My model schema is big, so I extracted just one piece of it.
Edit.: Amplify version
dtelaroli
All 8 comments
I'm having a similar issue. Mine occurs when I am using a create mutation. For @dtelaroli's example, if I tried to use the createCustomer mutation, I get an error "Not authorized to access customerParameters on Customer."
I am not seeing this problem in my prod environment. I only see it in dev where I am using a newer amplify cli release. I believe I am on 4.24.2 in prod and 4.25.0 in dev.
emmafass
on 26 Jul 2020
This Error started happening for me recently as well. The connections had been working for the last 6 months and then all of a sudden stopped working. I do have an alter-claims function setup to add some custom data to the cognito:groups value, but outside of that nothing custom.
I rolled my version back to 4.22.0 and pushed changes. Still no luck getting the connections to return successfully.
blbigelow
on 27 Jul 2020
@blbigelow You should change something in the model, because, strangely, the amplify does not apply changes if you don't change the model. I lost too much time to discover this behaviour.
dtelaroli
on 27 Jul 2020
@dtelaroli Thanks! I just barely did that and it works now. Locking my team into 4.22 until this gets resolved.
blbigelow
on 27 Jul 2020
@nikhname @attilah I think that you should stop create new releases if we can't update because this issue. Can you help us?
dtelaroli
on 7 Aug 2020
@SwaySway you have an idea about when is your merged #5050 being released? I've just updated to Amplify cli version 4.27.1 and the fix is not there yet. For this release I can see the graphql-auth-transformer is in version 4.15.16 and yours is in 4.15.17 am I correct?
Thank you in advance for your attention.
mogarick
on 14 Aug 2020
@mogarick The fix is included in cli v4.27.2+
SwaySway
on 14 Aug 2020
@SwaySway @dtelaroli @emmafass @blbigelow I can confirm the v4.27.2 cli version solves the problem. One important thing to notice is that you need tu make a dummy or small change to your schema so you can start an amplify push to update server side whatever needs to be updated so the resolvers work with the fix.
In my case i have a one to one connection that is nullable and before the push it was not working even as I had updated the cli. I had to push a dummy change to amplify and then it worked.
Thank you again @SwaySway!
mogarick
on 14 Aug 2020
Related issues
nason
路
3Comments
davo301
路
3Comments
rehos
路
3Comments
MageMasher
路
3Comments
jexh
路
3Comments
Most helpful comment
@mogarick The fix is included in cli v4.27.2+