Create Type Permissions
We can also set permissions for which fields a role can access by setting TypePermissions
.
Add TypePermissions
We can then modify the TypePermissions
in the same file to the following:
---kind: TypePermissionsversion: v1definition:typeName: Userspermissions:- role: adminoutput:allowedFields:- createdAt- favoriteArtist- id- isEmailVerified- lastSeen- name- password- updatedAt- role: useroutput:allowedFields:- favoriteArtist- id- name- password
Since the CLI should still be running in dev
mode, as we make our changes it will create a new build automatically.
When our build is ready, we can add the following headers in our project's Console:
Key | Value |
---|---|
x-hasura-role | user |
x-hasura-user-id | 7cf0a66c-65b7-11ed-b904-fb49f034fbbb |
If we re-run the same query as before, Hasura will parse these values and apply our permissions, returning only Sean's
data and only the fields he access to under the user
role:
Just like that, we've defined who can access the users
model and what data they can access 🎉
Did you find this page helpful?
Start with GraphQL on Hasura for Free
- Build apps and APIs 10x faster
- Built-in authorization and caching
- 8x more performant than hand-rolled APIs