Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unauthorized Error When Updating Child Object #3797

Closed
rohit3d2003 opened this issue Jul 31, 2024 · 6 comments
Closed

Unauthorized Error When Updating Child Object #3797

rohit3d2003 opened this issue Jul 31, 2024 · 6 comments
Labels
bug Something isn't working datastore Issues related to the DataStore category

Comments

@rohit3d2003
Copy link

rohit3d2003 commented Jul 31, 2024
edited
Loading

Describe the bug

I am encountering an Unauthorized error when attempting to update an existing Child object in my iOS app using AWS Amplify with DataStore. Specifically, the error occurs when updating a Child object that already has parentChildId set to nil. Child object isn't associated to Parent object and hence parentChildId is nil in database. Below is the graphql schema

type Child @model 
  @auth(rules: [
    { allow: owner, operations: [create, read, update, delete] },
    { allow: groups, groups: ["Admin"], operations: [create, read, delete, update] }
  ]) {
  id: ID!
  owner: String @auth(rules: [
    { allow: owner, operations: [create, read, delete] },
    { allow: groups, groups: ["Admin"], operations: [create, read, delete] }
  ])
}

type Parent @model 
  @auth(rules: [
    { allow: owner, operations: [create, read, update, delete] },
    { allow: groups, groups: ["Admin"], operations: [read, delete, update] }
  ]) {
  id: ID!
  children: [Child] @hasMany
  owner: String @auth(rules: [
    { allow: owner, operations: [create, read, delete] },
    { allow: groups, groups: ["Admin"], operations: [read, delete] }
  ])
}

Code to Update Existing Child Object:

let existingChildObject: Child = Code to retrieve existing object
existingChildObject.owner = nil
existingChildObject.parentChildId = nil // existingChildObject.parentChildId is already nil
try await Amplify.DataStore.save(childObject)

Steps To Reproduce

1. Fetch an existing Child object that has parentChildId set to nil.
2. Attempt to update the Child object without changing the parentChildId field.

Expected behavior

The Child object should be updated successfully

Amplify Framework Version

2.36

Amplify Categories

API, DataStore

Dependency manager

Swift PM

Swift version

5.10

CLI version

12.12.4

Xcode version

15.4

Relevant log output

Recovery suggestion: The list of `GraphQLError` contains service-specific messages)
finish(result:)
[SyncMutationToCloudOperation] mutationEvent finished: 188FBB0D-CD31-431F-8BEE-9CFD9C05FA96; result: success(Swift.Result<AWSPluginsCore.MutationSync<AWSPluginsCore.AnyModel>, Amplify.GraphQLResponseError<AWSPluginsCore.MutationSync<AWSPluginsCore.AnyModel>>>.failure(GraphQLResponseError<MutationSync<AnyModel>>: GraphQL service returned a successful response containing errors: [Amplify.GraphQLError(message: "Unauthorized on [parentChildId]", locations: Optional([Amplify.GraphQLError.Location(line: 2, column: 3)]), path: Optional([Amplify.JSONValue.string("updateTransaction")]), extensions: Optional(["errorInfo": Amplify.JSONValue.null, "data": Amplify.JSONValue.null, "errorType": Amplify.JSONValue.string("Unauthorized")]))]
Recovery suggestion: The list of `GraphQLError` contains service-specific messages))

Is this a regression?

Yes

Regression additional context

No response

Platforms

iOS

OS Version

iOS 17.5

Device

iPhone 15

Specific to simulators

No response

Additional context

No response
@5d
Copy link
Member

5d commented Jul 31, 2024

Hi @rohit3d2003 ,

Thank you for bringing this issue to our attention. We will attempt to reproduce and investigate it, and we'll keep you informed as soon as we have more details.

@5d 5d added bug Something isn't working datastore Issues related to the DataStore category labels Jul 31, 2024
@rohit3d2003
Copy link
Author

This only happens when I try to update an existing object. If I create a new child object without parentChildId, everything works fine

@5d
Copy link
Member

5d commented Aug 3, 2024

Here is a similar issue aws-amplify/amplify-category-api#2562.

The issue is that the generated field parentChildId is optional and lacks a defined delete auth rule. Could you try explicitly adding delete permission for that field?

type Child
  @model
  @auth(
    rules: [
      { allow: owner, operations: [create, read, update, delete] }
      {
        allow: groups
        groups: ["Admin"]
        operations: [create, read, delete, update]
      }
    ]
  ) {
  id: ID!
  owner: String
    @auth(
      rules: [
        { allow: owner, operations: [create, read, delete] }
        { allow: groups, groups: ["Admin"], operations: [create, read, delete] }
      ]
    )
  parentChildrenId: ID
    @auth(rules: [{ allow: owner, operations: [create, read, delete] }])
}

@rohit3d2003
Copy link
Author

@5d - This fixed the issue

@thisisabhash
Copy link
Member

Thank you - closing the issue.

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Aug 7, 2024

This issue is now closed. Comments on closed issues are hard for our team to see.
If you need more assistance, please open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

@rohit3d2003 rohit3d2003 mentioned this issue Aug 15, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working datastore Issues related to the DataStore category
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@5d @rohit3d2003 @thisisabhash