0

我已经定义了一个带有自定义响应的自定义查询,如下所示:

input ILocations {
  id: String
  address: String
  latitude: String
  longitude: String
  city: String
  state: String
}

type IBox {
  id: ID
  type: String
  depth: Float
  height: Float
  width: Float
}

type ITruck {
  id: ID
  basePrice: Float
  brand: String
  model: String
  yearModel: Int
  axes: Int
  hasGPS: Boolean
  tons: Float
  utilityPercentage: Float
  fuelEfficiency: Float
  fuelType: FuelType
  frontPhoto: String
  sidePhoto: String
  backPhoto: String
  measuresPhoto: String
  truckBoxId: ID
  truckFreightDriverId: ID
  box: IBox
}

type IFreightDriver {
  id: ID
  state: String
  city: String
  truck: ITruck
}

type Query {
  quotations(
    origin: ILocations
    destination: ILocations
    boxType: String
    boxSize: Float
    truckTons: Float
  ): [IFreightDriver]
    @function(name: "quotations-${env}")
    @auth(rules: [{ allow: public, provider: iam }])
}

如果我在 AppSync 仪表板上执行此查询:

query {
  quotations (
    origin: {
        address: "sdas"
        latitude: "sdas"
        longitude: "dsa"
        city: "Guadalajara",
        state: "Jalisco"
    },
    destination: {
      address: "sdas"
      latitude: "sdas"
      longitude: "dsa"
      city: "Zapopan",
      state: "Jalisco"
    },
    boxType: "Seca (cerrada)",
    boxSize: 64,
    truckTons: 12
  ) {
    id
  }
}

我收到有关权限的此错误:

{
  "data": {
    "quotations": [
      {
        "id": null
      }
    ]
  },
  "errors": [
    {
      "path": [
        "quotations",
        0,
        "id"
      ],
      "data": null,
      "errorType": "Unauthorized",
      "errorInfo": null,
      "locations": [
        {
          "line": 20,
          "column": 5,
          "sourceName": null
        }
      ],
      "message": "Not Authorized to access id on type IFreightDriver"
    }
  ]
}

但是,如果我对来自 lambda 的响应进行字符串化,并更改查询以接收字符串,如下所示:

  quotations(
    origin: ILocations
    destination: ILocations
    boxType: String
    boxSize: Float
    truckTons: Float
  ): String
    @function(name: "quotations-${env}")
    @auth(rules: [{ allow: public, provider: iam }])

我收到正确的回复...

{
  "data": {
    "quotations": "[{\"id\":\"19847d0c-185c-48f6-9e5c-435e3907133a\",\"state\":\"Jalisco\",\"city\":\"Zapopan\",\"truck\":{\"__typename\":\"Truck\",\"model\":\"1234\",\"tons\":12,\"yearModel\":2020,\"measuresPhoto\":\"freight-driver/19847d0c-185c-48f6-9e5c-435e3907133a/trucks/qzo1x9g7kvb51.jpg\",\"truckFreightDriverId\":\"19847d0c-185c-48f6-9e5c-435e3907133a\",\"createdAt\":\"2020-08-13T21:02:36.305Z\",\"brand\":\"chevrolet\",\"fuelEfficiency\":12,\"truckBoxId\":\"b3d9000f-0464-4c3d-b436-f380b19d6fd5\",\"backPhoto\":\"freight-driver/19847d0c-185c-48f6-9e5c-435e3907133a/trucks/QCzn1_mWetzZjAFavJYSaug4F2IMAeOAzJa7T6rhC5Q.jpg\",\"frontPhoto\":\"freight-driver/19847d0c-185c-48f6-9e5c-435e3907133a/trucks/dlb0275xqna51.png\",\"utilityPercentage\":12,\"updatedAt\":\"2020-08-13T21:02:36.305Z\",\"sidePhoto\":\"freight-driver/19847d0c-185c-48f6-9e5c-435e3907133a/trucks/ebcpyk19csa51.jpg\",\"fuelType\":\"premium\",\"hasGPS\":true,\"id\":\"b7ec3b05-78c6-4ed9-823d-172a1e9991e5\",\"axes\":12,\"box\":{\"__typename\":\"Box\",\"width\":4,\"height\":4,\"updatedAt\":\"2020-08-13T21:02:35.840Z\",\"depth\":4,\"createdAt\":\"2020-08-13T21:02:35.840Z\",\"id\":\"b3d9000f-0464-4c3d-b436-f380b19d6fd5\",\"type\":\"Seca (cerrada)\"}},\"basePrice\":null}]"
  }
}

为什么要求这些权限?如果有人需要我收到的回复:

[
    {
        "id": "19847d0c-185c-48f6-9e5c-435e3907133a",
        "state": "Jalisco",
        "city": "Zapopan",
        "truck": {
            "__typename": "Truck",
            "model": "1234",
            "tons": 12,
            "yearModel": 2020,
            "measuresPhoto": "freight-driver/19847d0c-185c-48f6-9e5c-435e3907133a/trucks/qzo1x9g7kvb51.jpg",
            "truckFreightDriverId": "19847d0c-185c-48f6-9e5c-435e3907133a",
            "createdAt": "2020-08-13T21:02:36.305Z",
            "brand": "chevrolet",
            "fuelEfficiency": 12,
            "truckBoxId": "b3d9000f-0464-4c3d-b436-f380b19d6fd5",
            "backPhoto": "freight-driver/19847d0c-185c-48f6-9e5c-435e3907133a/trucks/QCzn1_mWetzZjAFavJYSaug4F2IMAeOAzJa7T6rhC5Q.jpg",
            "frontPhoto": "freight-driver/19847d0c-185c-48f6-9e5c-435e3907133a/trucks/dlb0275xqna51.png",
            "utilityPercentage": 12,
            "updatedAt": "2020-08-13T21:02:36.305Z",
            "sidePhoto": "freight-driver/19847d0c-185c-48f6-9e5c-435e3907133a/trucks/ebcpyk19csa51.jpg",
            "fuelType": "premium",
            "hasGPS": true,
            "id": "b7ec3b05-78c6-4ed9-823d-172a1e9991e5",
            "axes": 12,
            "box": {
                "__typename": "Box",
                "width": 4,
                "height": 4,
                "updatedAt": "2020-08-13T21:02:35.840Z",
                "depth": 4,
                "createdAt": "2020-08-13T21:02:35.840Z",
                "id": "b3d9000f-0464-4c3d-b436-f380b19d6fd5",
                "type": "Seca (cerrada)"
            }
        },
        "basePrice": null
    }
]

更新:我还尝试将 lambda 响应更改为仅返回一个 id 数组,如下所示:

来自 lambda 的响应: [ { id: '19847d0c-185c-48f6-9e5c-435e3907133a' } ]

来自 AppSync 的错误:

{
  "data": {
    "quotations": [
      {
        "id": null
      }
    ]
  },
  "errors": [
    {
      "path": [
        "quotations",
        0,
        "id"
      ],
      "data": null,
      "errorType": "Unauthorized",
      "errorInfo": null,
      "locations": [
        {
          "line": 20,
          "column": 5,
          "sourceName": null
        }
      ],
      "message": "Not Authorized to access id on type IFreightDriver"
    }
  ]
}

架构.graphql:

type IFreightDriver {
  id: ID
}

type Query {
  quotations(
    origin: ILocations
    destination: ILocations
    boxType: String
    boxSize: Float
    truckTons: Float
  ): [IFreightDriver]
    @function(name: "quotations-${env}")
    @auth(rules: [{ allow: public, provider: iam }])
}
4

1 回答 1

1

You have to provide permission to access IFreightDriver. Since you are setting auth for the query but not on the object it is accessing/returning (which in your case is IFreightDriver), therefore it is throwing you permission error. However, when you switch your query to return just a string, you do not need to set any permission for that and that's why you don't see any error. Same is the case when you are returning just the id of IFreightDriver. It won't allow you to access the ids unless you set permission on IFreightDriver.

于 2020-08-17T00:13:28.000 回答