I have this definition for the owner role of a document:
{
"userId": "%%user.id"
}
This role has read and write permissions. The userId
field is an ObjectId type. I know the request is authenticated and the user is the same user whose objectId is the userId. The response is an error that I am trying to update a document that I am not the owner of. I am also using graphQL for Stitch. Does the GraphQL Authentication flow allow for using complex document roles and permissions?
Anyone know if I am doing something wrong?
Hi Lukas – The userId field will actually need to be of type String vs. ObjectId. Hope that helps!
1 Like
Is there a way to keep it an objectId and still run a match?
This is kind of a big blocker here. I tried using this code instead:
{
"userId": {
"$oid":"%%user.id"
}
}
It said “expected $oid field to contain 24 hexadecimal characters”. Looks like this JSON expression might actually work if it wasn’t for this validation issue? There has got to be a workaround for this. I don’t want to change all of these userIDs into strings.
I’m wondering if using the Realm CLI will work for making this change. Thoughts @Drew_DiPalma?
Hi Lukas – Currently, the best path is to call a function which does the conversion. We are actually in the process of releasing a new expression for Rules that will convert between OID/String and vice-versa but it is probably two weeks away, and at that point you would be able to just use the expression vs. calling a function.
1 Like
Hi @Drew_DiPalma can one use a function inside a JSON expression? Or are you referring to running a function on all the data to convert everything?
Any updates on this new expression in Rules available for this?
Thanks!
Hi Lukas – You can use %function to call a function from a JSON expression. The expanded JSON syntax is in Code Review now but I don’t have a precise timeframe to share other than that it should be available within the next few weeks.
1 Like