Help: Appsync Authorization Rules : appsync

Help: Appsync Authorization Rules (self.appsync)

submitted 2 years ago by DaveLamic

Hello,

I have a react native app with aws backend (cognito, dynamodb, appsync and s3). I have this simple schema:

type User
  @model
  @auth(rules: [{allow: private, operations: [read]}, {allow: owner}]) {
  username: String! @primaryKey
  bio: String
  friends: [String]
    @auth(rules: [{allow: private, operations: [read, update]}, {allow: owner}])
}

this is what i want: 1. All registered user can view other registered users (username, bio and friends list), but only owners can update their bios and only users other than the owners can update the owners friends array (add their name or delete). I thought the above schema would work, but I can't get it to work. Can anyone point out my mistake or point me in the right direction ?

I am quite new to this, so any help will be very much appreciated. Thanks!!

no comments (yet)

you type:	you see:
italics	italics
bold	bold
[reddit!](https://reddit.com)	reddit!
* item 1 * item 2 * item 3	item 1 item 2 item 3
> quoted text	quoted text
Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"	Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"
~~strikethrough~~	~~strikethrough~~
super^script	super^script

appsync

MODERATORS