Create Type Permissions
We can also set permissions for which fields a role can access by setting TypePermissions
.
Add TypePermissions
We can then modify the TypePermissions
in the same file to the following:
---kind: TypePermissionsversion: v1definition:typeName: Userspermissions:- role: adminoutput:allowedFields:- createdAt- favoriteArtist- id- isEmailVerified- lastSeen- name- password- updatedAt- role: useroutput:allowedFields:- favoriteArtist- id- name- password
Since the CLI should still be running in dev
mode, as we make our changes it will create a new build automatically.
When our build is ready, we can add the following headers in our project's Console:
Key | Value |
---|---|
x-hasura-role | user |
x-hasura-user-id | 7cf0a66c-65b7-11ed-b904-fb49f034fbbb |
If we re-run the same query as before, Hasura will parse these values and apply our permissions, returning only Sean's
data and only the fields he access to under the user
role:
Just like that, we've defined who can access the users
model and what data they can access 🎉
Did you find this page helpful?
Start with GraphQL on Hasura for Free
Build apps and APIs 10x faster
Built-in authorization and caching
8x more performant than hand-rolled APIs
![Promo](/learn/graphql/hasura-v3/static/hasura-free-ff60e409244e0ea12b5a3045d1a9096b.png)
![footer illustration](https://graphql-engine-cdn.hasura.io/learn-hasura/assets/footer-img.png)