测试权限

现在开始通过 GraphQL API 测试todos表的权限。

查询

现在继续，通过添加两个请求头查询数据：

x-hasura-role：user
x-hasura-user-id：1

query {
  todos {
    id
    title
    is_public
    is_completed
    user_id
  }
}

你应该会得到类似这样的响应：

待办事项查询

请注意，你收到的响应已针对用户 id 1进行了过滤。如果你将x-hasura-user-id的值改为2，则将仅返回用户 id 2的数据。这确认了我们在先前步骤中配置的权限。

你也可以以类似方式测试users表的权限配置。

Did you find this page helpful?

Edit on GitHub

设置在线用户视图权限

身份验证

Start with GraphQL on Hasura for Free

Build apps and APIs 10x faster
Built-in authorization and caching
8x more performant than hand-rolled APIs

Try GraphQL with Hasura

PRODUCT

Hasura Product Offerings

CAPABILITIES

Performance

Instant API

Observability

API Security

Authorization

SUPPORTED DATABASES

PostgreSQL

SQL Server

Oracle

MySQL

Snowflake

MariaDB

Neon

Google BigQuery

AlloyDB

LEARN

Tutorials

Blog

GraphQL Hub

Why Hasura

Help

CONNECT

Community

Case Studies

Events

Hasura Hub

NEWS

Introducing Instant APIs for MySQL, MariaDB, and Oracle

May 2, 2023

NEWS

Introducing a native Postgres integration to Hasura Cloud in partnership with Neon

Oct 18, 2022

测试权限

查询