I’m trying to expose my backend to the wider-web, and want to disallow others from modifying the data.
type MyType @auth (
add: { rule: “{$user: { eq: “mrjn” } }”},
delete: { rule: “{$user: { eq: “mrjn” } }”},
update: { rule: “{$user: { eq: “mrjn” } }”}
){
id: String! @id
text: String! @search(by: [fulltext])
postedAt: DateTime @search @auth()
}
The 3 rules above allow the backend to be secure, so only I can modify the data. But, I also want to hide postedAt from being queried. How do I do that?