Not Authorized to access createStashItem on type StashItem

[tmageebtr]

I am getting an error when trying to create a record using graphql. Android 33 and Web. Using AppSync console create is successful.

dependencies:
flutter:
sdk: flutter

amplify_flutter: ^1.0.0-next.2
amplify_authenticator: ^1.0.0-next.1+3
amplify_auth_cognito: ^1.0.0-next.2+1
amplify_api: ^1.0.0-next.2+1
amplify_datastore: ^1.0.0-next.2

errors: [GraphQLResponseError{
"message": "Not Authorized to access createStashItem on type StashItem",
"locations": [
{
"line": 1,
"column": 102
}
],
"path": [
"createStashItem"
]
}]

model
type StashItem @aws_cognito_user_pools @model(timestamps:{createdAt: "createdOn", updatedAt: "updatedOn"}) @auth(rules: [ {allow: owner, ownerField: "userid",operations: [create, update, delete, read]}, { allow: public, operations: [create, read]}, ]) { id: ID! @primaryKey userid: String name: String }

code calling create
Future<void> createStashI(name) async { try { final stash = StashItem(name: name); final request = ModelMutations.create(stash, authorizationMode: APIAuthorizationType.userPools); debugPrint("request: $request"); final response = await Amplify.API.mutate(request: request).response; debugPrint("request: $response"); final createdStashItem = response.data; if (createdStashItem == null) { safePrint('errors: ${response.errors}'); return; } safePrint('Mutation result: ${createdStashItem.name}'); } on ApiException catch (e) { safePrint('Mutation failed: $e'); } }

Amplify configure code

Future<void> _configureAmplify() async { if (!Amplify.isConfigured) { try { await Amplify.addPlugins([ AmplifyAuthCognito( credentialStorage: AmplifySecureStorage( config: AmplifySecureStorageConfig( scope: 'api', macOSOptions: MacOSSecureStorageOptions(useDataProtection: false), ), ), ), AmplifyAPI(modelProvider: ModelProvider.instance) ]); await Amplify.configure(amplifyconfig); } on Exception catch (e) { safePrint('An error occurred while configuring Amplify: $e'); } } }

[HuiSF]

Hi @tmageebtr thanks for opening this issue.

When you execute:

final request = ModelMutations.create(stash, authorizationMode: APIAuthorizationType.userPools);

Have you signed in a user?

[tmageebtr]

Yes. Using amplify_authenticator.

`class MyApp extends StatelessWidget {
const MyApp({super.key});

// This widget is the root of your application.
@OverRide
Widget build(BuildContext context) {
_configureAmplify();
return Authenticator(
signUpForm: SignUpForm.custom(
fields: [
SignUpFormField.email(required: true),
SignUpFormField.givenName(),
SignUpFormField.familyName(),
SignUpFormField.custom(
title: 'Bio',
attributeKey: const CognitoUserAttributeKey.custom('bio'),
),
SignUpFormField.password(),
SignUpFormField.passwordConfirmation(),
],
),
child: MaterialApp(
title: 'Flutter Demo',
theme: ThemeData(
primarySwatch: Colors.blue,
),
initialRoute: MyHomePage.routeName,
routes: {
MyHomePage.routeName: (BuildContext context) {
return const AuthenticatedView(
child: MyHomePage(
title: 'Test',
),
);
},
ProfileScreen.routeName: (BuildContext context) {
return const AuthenticatedView(
child: ProfileScreen(),
);
},
ShoppingScreen.routeName: (BuildContext context) {
return const AuthenticatedView(
child: ShoppingScreen(),
);
},
StashScreen.routeName: (BuildContext context) {
return const AuthenticatedView(
child: StashScreen(),
);
},
},
),
);
}
}`

[HuiSF]

Could you provide your amplifyconfiguration.dart content @tmageebtr , I will try to set up a similar env for testing.

[tmageebtr]

Here it is. looking at this I'm wondering if the poolIDs are correct, though I am not sure how to verify. I have not modified this file, it is as generated by cli.

const amplifyconfig = ''' { "UserAgent": "aws-amplify-cli/2.0", "Version": "1.0", "auth": { "plugins": { "awsCognitoAuthPlugin": { "UserAgent": "aws-amplify-cli/0.1.0", "Version": "0.1.0", "IdentityManager": { "Default": {} }, "CredentialsProvider": { "CognitoIdentity": { "Default": { "PoolId": "us-west-1:897625f3-668c-447d-9a60-4180980167c2", "Region": "us-west-1" } } }, "CognitoUserPool": { "Default": { "PoolId": "us-west-1_8fWLRS5Pm", "AppClientId": "2c9t23m23b7isuosjprctqptpi", "Region": "us-west-1" } }, "Auth": { "Default": { "authenticationFlowType": "USER_SRP_AUTH", "socialProviders": [], "usernameAttributes": [ "EMAIL" ], "signupAttributes": [ "EMAIL" ], "passwordProtectionSettings": { "passwordPolicyMinLength": 8, "passwordPolicyCharacters": [] }, "mfaConfiguration": "OFF", "mfaTypes": [ "SMS" ], "verificationMechanisms": [ "EMAIL" ] } }, "AppSync": { "Default": { "ApiUrl": "https://e3pvf3fpbfhfrk5zqjjkfx6bcy.appsync-api.us-west-1.amazonaws.com/graphql", "Region": "us-west-1", "AuthMode": "AMAZON_COGNITO_USER_POOLS", "ClientDatabasePrefix": "authtest_AMAZON_COGNITO_USER_POOLS" }, "authtest_AMAZON_COGNITO_USER_POOLS": { "ApiUrl": "https://e3pvf3fpbfhfrk5zqjjkfx6bcy.appsync-api.us-west-1.amazonaws.com/graphql", "Region": "us-west-1", "AuthMode": "AMAZON_COGNITO_USER_POOLS", "ClientDatabasePrefix": "authtest_AMAZON_COGNITO_USER_POOLS" }, "authtest_API_KEY": { "ApiUrl": "https://e3pvf3fpbfhfrk5zqjjkfx6bcy.appsync-api.us-west-1.amazonaws.com/graphql", "Region": "us-west-1", "AuthMode": "API_KEY", "ApiKey": "da2-plv2gxfayvefjbxt647oetrkmy", "ClientDatabasePrefix": "authtest_API_KEY" } } } } }, "api": { "plugins": { "awsAPIPlugin": { "authtest": { "endpointType": "GraphQL", "endpoint": "https://e3pvf3fpbfhfrk5zqjjkfx6bcy.appsync-api.us-west-1.amazonaws.com/graphql", "region": "us-west-1", "authorizationType": "AMAZON_COGNITO_USER_POOLS", "apiKey": "da2-plv2gxfayvefjbxt647oetrkmy" }, "AdminQueries": { "endpointType": "REST", "endpoint": "https://5ivsri7zp5.execute-api.us-west-1.amazonaws.com/dev", "region": "us-west-1", "authorizationType": "AMAZON_COGNITO_USER_POOLS" } } } } }''';

[tmageebtr]

I updated my code to reflect what is in your example code and create the graphql document by hand rather than use ModelMutations.create. This appears to correctly create the item in the backend.

` final stash = StashItem(name: name);
//final request = ModelMutations.create(stash,
// authorizationMode: APIAuthorizationType.userPools);
//debugPrint("request: $request");
//final response = await Amplify.API.mutate(request: request).response;

const graphQLDocument = r'''mutation MyMutation($name: String!) {
  createStashItem(input: {name: $name}) {
    id
    name
  }
}''';

final GraphQLRequest request = GraphQLRequest<dynamic>(
  document: graphQLDocument,
  variables: <String, dynamic>{'name': name},
  authorizationMode: APIAuthorizationType.userPools,
);

final response = await Amplify.API.mutate(request: request).response;`

[HuiSF]

Oh in that case, I think this issue is caused my the same reason as #2492 .

[tmageebtr]

#2492 . seems to have been the reason. Only affects creates, updates work fine. Closing Issue.