Hasura: Allow users to not vote for their own post
I have three models User, Post, Vote
I tried to create a role-based authorization where the author (the user who creates a post/blog) can't vote for their own post/blog. To identify users, I used Hasura session variables X-Hasura-User-Id. Configuring (Row insert) Permission Rules for Vote table by,
Error:
{
"errors": [
{
"extensions": {
"path": "$.selectionSet.insert_Vote_one.args.object",
"code": "permission-error"
},
"message": "Check constraint violation. insert check constraint failed"
}
]
}
But which given constraint violation for the author and the other users when they try to vote a post/blog. How to solve that issue for the latter case using Permission Rules?
Update
Auth SetUp
I use one of my auth server(express) to create user and access_token which contain the user.id as Hasura session variables X-Hasura-User-Id.
Then I use this access_token to maintain role-based authorization:
小智 2
看来您要制定以下规则:X-Hasura-User-Id!= Vote.blog.User_id(假设 hasura 关系要求blogFK Vote.Blog_id)。
相反,您所做的是确保Vote.User_id!= X-Hasura-User-Id。我假设提交投票的用户始终具有与自己相同的 id。这总是会导致权限约束违规。
除非我误会了什么...
让我们知道这是否有帮助。
| 归档时间: |
|
| 查看次数: |
169 次 |
| 最近记录: |