Download tutorial as e-book ⚡️

Test out permissions

Let's go ahead and start testing the permissions through the GraphQL API for todos table.

Query

Now let's go ahead and query the data by adding two request headers:

  • x-hasura-role: user
  • x-hasura-user-id: 1
query {
todos {
id
title
is_public
is_completed
user_id
}
}

You should get a response looking something like this:

Todo Query

Note that the response received is filtered for the user id 1. If you change the value for x-hasura-user-id to 2, the data would be returned only for the user id 2. This confirms the permissions that we configured in the previous steps.

You can test the permission configuration similarly for the users table as well.

Did you find this page helpful?
Start with GraphQL on Hasura for Free
  • ArrowBuild apps and APIs 10x faster
  • ArrowBuilt-in authorization and caching
  • Arrow8x more performant than hand-rolled APIs
Promo
footer illustration
Brand logo
© 2022 Hasura Inc. All rights reserved
Github
Titter
Discord
Facebook
Instagram
Youtube
Linkedin