Loading...
Github logo Edit on GitHub

Create Type Permissions

We can also set permissions for which fields a role can access by setting TypePermissions.

Add TypePermissions

We can then modify the TypePermissions in the same file to the following:

---
kind: TypePermissions
version: v1
definition:
  typeName: Users
  permissions:
    - role: admin
      output:
        allowedFields:
          - createdAt
          - email
          - favoriteArtist
          - id
          - isEmailVerified
          - lastSeen
          - name
          - password
          - updatedAt
    - role: user
      output:
        allowedFields:
          - email
          - favoriteArtist
          - id
          - name
          - password

Since the CLI should still be running in dev mode, as we make our changes it will create a new build automatically. When our build is ready, we can add the following headers in our project's Console:

KeyValue
x-hasura-roleuser
x-hasura-user-id7cf0a66c-65b7-11ed-b904-fb49f034fbbb

If we re-run the same query as before, Hasura will parse these values and apply our permissions, returning only Sean's data and only the fields he access to under the user role:

Execute a query

Just like that, we've defined who can access the users model and what data they can access 🎉

Did you find this page helpful?
Github logo Edit on GitHub
Create Model Permissions
Create Nested Permissions
Start with GraphQL on Hasura for Free
  • ArrowBuild apps and APIs 10x faster
  • ArrowBuilt-in authorization and caching
  • Arrow8x more performant than hand-rolled APIs
Try GraphQL with Hasura
Promo
footer illustration
Brand logo
© 2024 Hasura Inc. All rights reserved
Github
Titter
Discord
Facebook
Instagram
Youtube
Linkedin
Star