Trying to set a simple authorization rule but `filter` can't handle it

I’m following the Instaclone tutorial here and got to this part: Modeling an Instagram Clone: Authentication - Dgraph Blog

I’ve swapped out a couple names with Todo instead of Comment or something, and I’m just trying to lock down the ability to query stuff unless the user_id matches.

type Todo  @withSubscription @auth(
  query: {
    rule: """
      query($USER_ID: String!) {
        queryTodo {
          TodoBy(filter: { owner_id: { eq: $USER_ID }}) {
            __typename
          }
        }
      }
    """
  }
) {
  id: ID! 
  title: String! 
  description: String! 
  completed: Boolean! 
  owner_id: String
}

Everything looks simple enough, but when I try to Deploy that schema I get this error:

resolving updateGQLSchema failed because Type Todo: @auth:
failed to validate GraphQL rule
[reason : Cannot query field "TodoBy" on type "Todo".]

Which makes sense… there isn’t a “TodoBy” anywhere in the API. So I opened up the GraphQL Explorer and tried to create a query with a filter that would work, but filter doesn’t allow me to filter by any of the subfields (like owner_id)…

What is the purpose of filter if you can’t filter by matching against a model’s fields?

Also, if someone could help me get a simple authorization schema working I would very much appreciate you. :slight_smile:

Here’s another thing I tried based off of these docs:

type Todo  @withSubscription @auth(
  query: {
    rule: """
      query ($USER_ID: String) { 
        queryTodo(filter: {
          owner_id: { # doesn't exist......???
            eq: $USER_ID
          }
        }) {
          id 
        }
      }
    """
  }
) {
  id: ID! 
  title: String! 
  description: String! 
  completed: Boolean! 
  owner_id: String
}

Which gave me this error:

resolving updateGQLSchema failed because Type Todo: @auth:
failed to validate GraphQL rule
[reason : Field "owner_id" is not defined by type TodoFilter.]

Turns out I just needed to add @search to the owner_id field like so:

type Todo  @withSubscription @auth(query: { rule: "query ($USER_ID: String) {   queryTodo(filter: {    owner_id: {      eq: $USER_ID    }  }) {    id   }}"}) {
	id: ID! 
	title: String! 
	description: String! 
	completed: Boolean! 
    owner_id: String @search(by:[hash]) 
}

Thank you so much @amaster507

2 Likes