amplify-cli
amplify-cli copied to clipboard
aws-amplify
fix: updated roleName in show auth ACM helper to include the groupClaim
Description of changes
When @auth rules are defined with dynamic groups the roleName is identified by ${rule.provider}:dynamicGroup:${groupsField} which does not uniquely identify a valid @auth rule.
The change updates the roleName to be defined as ${rule.provider}:dynamicGroup:${groupsClaim}:${groupsField} which allows rules that differ by only the groupsClaim property to be appropriately distinguished from each other.
Unit tests have been added to verify the solution (which pass). Manual tests have been done with amplify-dev to verify the solution.
Issue #, if available
#537 (aws-amplify/amplify-category-api)
Description of how you validated changes
Checklist
- [x] PR description included
- [x]
yarn testpasses - [x] Tests are changed or added
Before Proposed Change:
type Blog
@model
@auth(rules: [
{ allow: groups, groupsField: "tenantId", groupClaim: "custom:adminRole" }
{ allow: groups, groupsField: "tenantId", groupClaim: "custom:editorRole", operations: [read, update] }
])
{
id: ID!
name: String!
tenantId: String!
}
PS project-path> amplify status api -acm Blog β GraphQL schema compiled successfully.
Edit your schema at project-path\amplify\backend\api\testproject1\schema.graphql or place .graphql files in a directory at project-path\amplify\backend\api\testproject1\schema π @auth userPools:dynamicGroup:tenantId already exists for Blog
After Proposed Change:
*project-path*> amplify-dev status api -acm Blog
β
GraphQL schema compiled successfully.
Edit your schema at *project-path*\amplify\backend\api\testproject1\schema.graphql or place .graphql files in a directory at *project-path*\amplify\backend\api\testproject1\schema
userPools:dynamicGroup:custom:adminRole:tenantId
ββββββββββββ¬βββββββββ¬βββββββ¬βββββββββ¬βββββββββ
β (index) β create β read β update β delete β
ββββββββββββΌβββββββββΌβββββββΌβββββββββΌβββββββββ€
β id β true β true β true β true β
β name β true β true β true β true β
β tenantId β true β true β true β true β
ββββββββββββ΄βββββββββ΄βββββββ΄βββββββββ΄βββββββββ
userPools:dynamicGroup:custom:editorRole:tenantId
ββββββββββββ¬βββββββββ¬βββββββ¬βββββββββ¬βββββββββ
β (index) β create β read β update β delete β
ββββββββββββΌβββββββββΌβββββββΌβββββββββΌβββββββββ€
β id β false β true β true β false β
β name β false β true β true β false β
β tenantId β false β true β true β false β
ββββββββββββ΄βββββββββ΄βββββββ΄βββββββββ΄βββββββββ
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
@lazpavel np!
Any updates on when this might be finally approved and integrated? I'd really like to use it in my project :)
Codecov Report
Merging #10577 (0cb0ce4) into dev (aaf2210) will increase coverage by
0.02%. The diff coverage is100.00%.
@@ Coverage Diff @@
## dev #10577 +/- ##
==========================================
+ Coverage 47.21% 47.24% +0.02%
==========================================
Files 673 674 +1
Lines 33238 33302 +64
Branches 6710 6736 +26
==========================================
+ Hits 15693 15733 +40
- Misses 15853 15876 +23
- Partials 1692 1693 +1
| Impacted Files | Coverage Ξ | |
|---|---|---|
| ...li/src/extensions/amplify-helpers/show-auth-acm.ts | 60.93% <100.00%> (ΓΈ) |
|
| ...li/src/domain/amplify-usageData/getUsageDataUrl.ts | 100.00% <0.00%> (+12.50%) |
:arrow_up: |
:mega: Weβre building smart automated test selection to slash your CI/CD build times. Learn more
