Cannot query on relationship on a custom mutation resolver

What I am doing:

I defined a custom mutation in the schema.graphql:

type Mutation {
  addPartner: User! @resolver(name: "addPartner")
}

This custom mutation should update the user document and then return back the updated value including.

Here’s what the User collection looks like:

type User @collection(name: "users") {
  email: String! @unique
  partner: User @relation
}

For simplicity, it doesn’t matter what the function does, it might be doing some validations or whatever, it’s completely irrelevant, in this scenario it’s pairing the user A with another user – B – that is the A’s partner.

Here’s the function:

Update(Function("addPartner"), {
  role: "admin",
  body: Query(
    Lambda(
      ["data"],
      Update(
        CurrentIdentity(),
        {
          data: {
            partner: Ref(Collection("users"), "1231231312")
          }
        }
      )
    )
  )
})

In this case, it’s hard coded, again, it’s doesn’t matter as long as the lambda returns Update call it can be replicated,

So you’d assume you can do this:

mutation {
  addPartner {
    _id
    email
    partner {
       _id
      email
    }
  }
}

but the mutation will always return:

{
   _id: 'blah',
   email: 'blah',
   partner: null
}

EXPECTATION:

partner should not be null, it should be the latest updated value.

The same thing happens when I try to add a custom query

function:

Update(Function("getUserData"), {
  role: "admin",
  body: Query(
    Lambda(
      "",
      Get(CurrentIdentity())
    )
  )
});

schema:

type Query {
  getUserData: User! @resolver(name: "getUserData")
}

query:

{
  partner {
    _id
  }
}

Current behaviour:

{
  partner: null
}

Expected:

{
  partner: {
    _id: "blah"
  }
}

I see you have assigned the admin role to your function getUserData, so you are probably expecting it to be able to return any data in the db without access permissions issues. But that role only holds for operations directly done by the function and any data immediately returned by it.

Since you have a subquery on the partner field, that operation occurs after your UDF returns its data, and thus the only permissions it has to look up the related partner are the roles you have assigned the logged-in user.

My guess is that you probably haven’t given the logged-in user permission to access the User collection via a role.

Yeah, that was my theory too, haven’t checked it out though

I’m experiencing this problem again but this time it’s when querying a relationship in a paginated manner.

You can use the faunadb graphql configurations here GitHub - aprilmintacpineda/react-native-faunadb: A React-Native sample application that uses FaunaDB serverless architecture.

Simply manually run fql files in the /fauna on the dashboarding shell.

Then create the first user, then login:

mutation {
  login (
    data: {
      email: "test@email.com",
      password: "password"
    }
  )
}

use the secret you obtain for the header authorization.

Then run the following query:

{
  getUserData {
    email
    name
    list {
      data {
        _id
        title
      }
    }
  }
}

You’ll get permission denied.

image2344×1378 172 KB

For anyone who comes by this, this was Answered by @ptpaterson on discord.

Relationships are backed by Indexes. You will need to determine, based on your GraphQL schema, which Indexes is it that were generated for that relationship and then also provide read access for that.

For me, I needed to add this:

{
  resource: Index("goal_user_by_user"),
  actions: {
    read: true
  }
}

Setting read to true should be fine as long as you set the proper privileges on the Collection themselves.

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.