Search code examples
amazon-web-servicesgraphqlamazon-dynamodbdynamodb-queries

AWS DynamoDB Queries Not Showing user data unless with Admin privileges

I'm currently not able to query DynamoDB as a generic user to obtain the user's own details. It's worth noting when given admin privileges the user can execute queries and the work as intended; so it's not a problem with the data but rather the privileges of users.

I believe the problem is arising due to the nature of "owner" property in graphQL and my means of authentication (which is email & password). I believe the "owner" property might only work with username & password but I cannot find any documentation to back this so it's a stab in the dark. Does anyone have any ideas as to why the user is unable to receive their own data?

Query: Query & Result

Admin Privileges: Admin Privileges

Schema.graphql:

type User @model 
@auth(rules: [
{allow: groups, groups: ["Admin"] },
{allow: owner, ownerField: "username", operations: [read]}
])
{
  id: ID!
  email: String!
}
Solution

  • Replace ownerfield "username" with "id"

    type User @model 
@auth(rules: [
{allow: groups, groups: ["Admin"] },
{allow: owner, ownerField: "id", operations: [read]}
])
{
  id: ID!
  email: String!
}