Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DataStore multi-auth is not working with mixed owner and public auth rules #2873

Closed
HuiSF opened this issue Apr 18, 2023 · 5 comments
Closed

DataStore multi-auth is not working with mixed owner and public auth rules #2873

HuiSF opened this issue Apr 18, 2023 · 5 comments
Assignees
@thisisabhash
Labels
bug Something isn't working datastore Issues related to the DataStore category work in progress Issues was triaged and investigation done

Comments

@HuiSF
Copy link
Member

HuiSF commented Apr 18, 2023
edited
Loading

Describe the bug

Original issue report aws-amplify/amplify-flutter#2527 | aws-amplify/amplify-flutter#1693
Related amplify-android issue: aws-amplify/amplify-android#2399

DataStore multi-auth is not working as expected.

Take schema

type UserProfile @model @auth(rules: [{ allow: owner }]) {
  id: ID!
  name: String!
}

type ModelA @model @auth(rules: [{ allow: public, provider: apiKey }]) {
  id: ID!
  content: String
}

type ModelB
  @model
  @auth(
    rules: [
      { allow: public, provider: apiKey, operations: [read] }
      { allow: owner }
    ]
  ) {
  id: ID!
  content: String
}

type ModelC
  @model
  @auth(
    rules: [
      { allow: public, provider: apiKey, operations: [read] }
      { allow: private, provider: userPools }
    ]
  ) {
  id: ID!
  content: String
}

When configure DataStore to use multi-auth mode with NO authenticated session:

Expected Behavior

As a developer, I want my end users to have read access to Model A B and C, including receiving subscription events.

models sync queries subscriptions
UserProfile No No
ModelA Yes Yes
ModelB Yes Yes
ModelC Yes Yes

Actual Behavior

models sync queries subscriptions
UserProfile No No
ModelA Yes Yes
ModelB Yes No
ModelC Yes No

What happened: amplify-swift attempted to establish subscriptions for ModelB and ModelC using user credentials, after failure, it doesn’t attempt to establish subscriptions with API key. So the App cannot receive any update of ModelB and ModelC while the public read is allowed on these two models.

This issue is reproducible in v1, I believe it exists in v2 as well.

Steps To Reproduce

Steps to reproduce the behavior:
1. Use above schema example to setup datastore + API sync + auth (default Cognito User Pool + API key as additional auth mode)
2. Start DataStore without signing a user and watch the sync behavior
3. Sign in a user, start DataStore and watch the sync behavior

Expected behavior

See above.

Amplify Framework Version

1.29.2

Amplify Categories

DataStore

Dependency manager

Cocoapods

Swift version

5

CLI version

The latest

Xcode version

The latest

Relevant log output

<details>
<summary>Log Messages</summary>


INSERT LOG MESSAGES HERE
```

Is this a regression?

No

Regression additional context

No response

Device

iPhone 14 simulators

iOS Version

iOS 16

Specific to simulators

No response

Additional context

No response
@HuiSF HuiSF added the datastore Issues related to the DataStore category label Apr 18, 2023
@HuiSF HuiSF mentioned this issue Apr 18, 2023
Closed
1 task
@royjit royjit added the pending-triage Issue is pending triage label Apr 21, 2023
@harsh62 harsh62 removed the pending-triage Issue is pending triage label May 9, 2023
@royjit royjit self-assigned this Jun 9, 2023
@royjit royjit added bug Something isn't working investigating This issue is being investigated labels Jun 9, 2023
@royjit royjit mentioned this issue Jun 19, 2023
Merged
9 tasks
@royjit
Copy link
Contributor

royjit commented Jun 19, 2023

Datastore plugin was not creating subscription for onCreate, onUpdate or onDelete for read rule. Created this PR to handle read during subscription - #3029

This was referenced Jun 30, 2023
Merged
Merged
@royjit
Copy link
Contributor

royjit commented Jul 14, 2023

Fix is released in v1, next step to verify the behavior in v2.

@askemottelson
Copy link

Any plans for fixing this issue for v2?

@royjit royjit removed their assignment Jul 20, 2023
@lawmicha
Copy link
Member

lawmicha commented Oct 2, 2023

Next steps, this PR #3029 should be cherry-picked to main for V2.

@lawmicha lawmicha mentioned this issue Oct 2, 2023
Closed
9 tasks
@thisisabhash thisisabhash self-assigned this Oct 20, 2023
@thisisabhash thisisabhash added work in progress Issues was triaged and investigation done and removed investigating This issue is being investigated labels Oct 20, 2023
@thisisabhash thisisabhash mentioned this issue Oct 20, 2023
Merged
9 tasks
@thisisabhash
Copy link
Member

This is released in Amplify Swift v2.21.5.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@thisisabhash thisisabhash

Labels
bug Something isn't working datastore Issues related to the DataStore category work in progress Issues was triaged and investigation done
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@askemottelson @lawmicha @harsh62 @HuiSF @thisisabhash @royjit