amplify-swift icon indicating copy to clipboard operation
amplify-swift copied to clipboard

Published 20 hours ago verified publisher icon aws-amplify

Detected multiple owner type auth rules with a READ operation.

Open TimmBaier opened this issue 3 years ago • 10 comments

Describe the bug

I have this schema:

type Profile @model 
@auth(rules: [
  {allow: owner}, 
  {allow: owner, ownerField: "followerIDs", operations: [read]},
  {allow: public, provider: apiKey}
  ]) {
  id: ID!
  name: String
  ...
  followerIDs: [String]
}

When I use DataStore I can query and create Profiles, but I can't update Profiles and get following warning:

Detected multiple owner type auth rules with a READ operation. We currently do not support this use case. Please limit your type to just one owner auth rule with a READ operation restriction.

Is it correct, that the use case above is not possible with amplify (DataStore) on iOS, or do anyone have an idea what I'm doing wrong?

Steps To Reproduce

Steps to reproduce the behavior:
1. Go to '...'
2. Click on '....'
3. Scroll down to '....'
4. See error

Expected behavior

I should be able to update models that have two owner types defined.

Amplify Framework Version

1.18.1 (2021-12-15)

Amplify Categories

DataStore

Dependency manager

Swift PM

Swift version

5.0

CLI version

7.6.5

Xcode version

13.2.1

Relevant log output

No response

Is this a regression?

No

Regression additional context

No response

Device

iPhone 12 simulator

iOS Version

iOS 15.2

Specific to simulators

No response

Additional context

No response

TimmBaier avatar Jan 12 '22 16:01 TimmBaier

Hi @TimmBaier, thanks for reporting this us. Your schema is valid and I believe the error message you're seeing is an old check we put in place before implementing multiple authorization rules. We are currently looking into and we'll update this issue with our findings.

diegocstn avatar Jan 15 '22 01:01 diegocstn

If I have the env deployed with the schema above, just comment out the second owner locally and generate the swift code with amplify codegen models I can update and sync without problems.

TimmBaier avatar Jan 15 '22 15:01 TimmBaier

If I have the env deployed with the schema above, just comment out the second owner locally and generate the swift code with amplify codegen models I can update and sync without problems.

What if I need the second owner?

maziarzamani avatar Jan 27 '22 08:01 maziarzamani

Unfortunately dynamic auth rules like array of owners aren’t fully compatible with DataStore at the moment as subscriptions with multiple owner rules require extra support from the service, therefore we'll need to hold off a bit on the PR. @maziarzamani @TimmBaier we'll update this thread and the PR.

diegocstn avatar Feb 09 '22 20:02 diegocstn

Unfortunately dynamic auth rules like array of owners aren’t fully compatible with DataStore at the moment as subscriptions with multiple owner rules require extra support from the service, therefore we'll need to hold off a bit on the PR. @maziarzamani @TimmBaier we'll update this thread and the PR.

Hi @diegocstn. Thanks for the reply. Is there a workaround? Our product relies on multiple owners, without this we cannot launch, ever.

maziarzamani avatar Feb 09 '22 20:02 maziarzamani

Any update on this one? Our project is still stuck.

maziarzamani avatar Mar 29 '22 07:03 maziarzamani

I too am looking for this feature. After finally figuring out the right way to handle this I got hit by this error with subscriptions. I filed an issue #10110 that talks about what use case I'm seeking BUT the relevant info related to this issue is in my first comment which speaks to exactly this.

Etep15 avatar Apr 01 '22 05:04 Etep15

Unfortunately dynamic auth rules like array of owners aren’t fully compatible with DataStore at the moment as subscriptions with multiple owner rules require extra support from the service, therefore we'll need to hold off a bit on the PR. @maziarzamani @TimmBaier we'll update this thread and the PR.

You mentioned "subscriptions", what if we do not use subscriptions? As far as I can see the iOS SDK fails with the presence of arrays without initiating any subscriptions.

maziarzamani avatar Apr 20 '22 14:04 maziarzamani

Unfortunately dynamic auth rules like array of owners aren’t fully compatible with DataStore at the moment as subscriptions with multiple owner rules require extra support from the service, therefore we'll need to hold off a bit on the PR. @maziarzamani @TimmBaier we'll update this thread and the PR.

With this finally released for AppSync, https://aws.amazon.com/blogs/mobile/appsync-enhanced-filtering/ and with the CLI adding support soon: aws-amplify/amplify-category-api#389 what is the timeline for dynamic group support for subscriptions for iOS? Would making SyncExpressions server sided also make sense?

djorgji avatar May 09 '22 20:05 djorgji

Any update?

maziarzamani avatar Sep 18 '22 09:09 maziarzamani

We do also require the feature to have multiple owner type auth rules to share data from the "creator" of the record to many different read-users. The auth rules look like this:

      { allow: owner, ownerField: "owner" operations: [create, read, delete, update] }
      { allow: owner, ownerField: "readers", operations: [read, update] }

Is there any update by when this will be available?

bflatone avatar Nov 18 '22 14:11 bflatone

We do also require the feature to have multiple owner type auth rules to share data from the "creator" of the record to many different read-users. The auth rules look like this:

      { allow: owner, ownerField: "owner" operations: [create, read, delete, update] }
      { allow: owner, ownerField: "readers", operations: [read, update] }

Is there any update by when this will be available?

@dnys1 this is the same issue I reported to you way back in November of 2021, correct? I know there are a few issues open on this, do any of them have additional information that may be useful to @bflatone and myself? I'm still looking to implement multiple owner records with subscriptions using DataStore. Please advise and thanks for your continued help.

bzark avatar Nov 18 '22 21:11 bzark

Any progress?

maziarzamani avatar Dec 12 '22 20:12 maziarzamani

Any progress?

I'm looking at this stuff as we speak. I uncovered this re:Invent video last night and this looks promising. The video link below is at the current time of the auth rules that coincide to the ones I need for my project. They talk about real-time sync between customer order and the driver flutter app so this all seems very promising. FYI, they are using BETA flutter plugins.

AWS re:Invent 2022

bzark avatar Dec 12 '22 21:12 bzark

Bumping for an update

maziarzamani avatar Jan 06 '23 09:01 maziarzamani

Any progress?

ErlendHer avatar Aug 04 '23 07:08 ErlendHer

Any update on this, we have a similar use case?

uzaymacar avatar Dec 14 '23 13:12 uzaymacar

I believe the changes to enable this use case was merged in from https://github.com/aws-amplify/amplify-swift/pull/3223

Please try with the latest Amplify version and let us know in a new issue with your schema use case if something isn't working.

lawmicha avatar Jan 08 '24 17:01 lawmicha

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so.

github-actions[bot] avatar Jan 08 '24 17:01 github-actions[bot]