tjmoses
Insert/Update permissions errors
Hi,
I have a problem with this plugins, when I try to insert/update with the created mutations I have an error:
GraphQL error: permission denied for table X
I'm using this query with an object for xPatch that contains only values that I want to insert/update:
mnUpdateX(input: {mnPatch: : $xPatch}) {
clientMutationId
}
It seems that this mutation needs permissions on all columns of table, because it works with:
GRANT SELECT, INSERT, UPDATE, DELETE ON x TO x_user;
Is there a way to make it works with some columns only ? For example:
GRANT SELECT, INSERT(id, column_a), UPDATE(id, column_b), DELETE ON x TO x_user;
Interesting. This is definitely possible, and something I originally did not think of since I don't have different permissions across different columns in the same table. Currently for creates and updates, it uses "default" for those attributes.
The fix for creates would be just removing the actual columns and their values for non-used attributes. The only catch is right now you can create a row in the sent batch where some have values and others do not. I suppose a loop to check the values in the sent payload, and just use those would suffice.
For updates, it would be a similar fix but the actual attribute would be removed that wasn't in the sent payload vs a default value since the attributes are set to equal themselves if none are provided. Let me know if this is something you're interested in working on. It will be some time before I can update this.
