hasura/graphql-engine
1
0
Fork 0
mirror of https://github.com/hasura/graphql-engine.git synced 2024-12-17 04:24:35 +03:00
Code Issues Projects Releases Wiki Activity
81bdfafd69
graphql-engine/docs/graphql/manual/queries/control-access.rst
Rikin Kachhia d740de9ae2 update docs (#2033)
2019-04-19 16:18:18 +05:30

79 lines
2.0 KiB
ReStructuredText
Raw Blame History

Restrict access to certain fields
=================================
.. contents:: Table of contents
:backlinks: none
:depth: 1
:local:
If you want to restrict access to sensitive fields in a table, you can either use views to expose only the safe fields
or :ref:`restrict access via permissions <restrict_columns>`.
The following section describes setting up a view for this purpose.
**For example**: Say we have a table ``user_profile (id, name, email, phone, address)``, to restrict users to
only have access to the ``id``, ``name`` & ``email`` fields of other users, we can:
Step 1: Create a view
---------------------
Open the Hasura console and head to the ``Data -> SQL`` tab.
Create a view with data from only the required (or public) columns:
.. code-block:: SQL
CREATE VIEW user_public AS
SELECT id, name, email
FROM user_profile;
Step 2: Modify permissions
--------------------------
You will need to revoke permission (if already granted) from the source table and grant access to the newly created
view. So, in our example, we do the following:
#. Remove **select** permissions from the ``user_profile`` table
#. Grant **select** permissions to the ``user_public`` view
Step 3: Query the view
----------------------
You can now query the newly created view like you would a regular table:
.. graphiql::
:view_only:
:query:
query {
user_public {
id
name
email
}
}
:response:
{
"data": {
"user_public": [
{
"id": 1,
"name": "Justin",
"email": "justin@xyz.com"
},
{
"id": 2,
"name": "Beltran",
"email": "beltran@xyz.com"
},
{
"id": 3,
"name": "Sidney",
"email": "sidney@xyz.com"
},
{
"id": 4,
"name": "Angela",
"email": "angela@xyz.com"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink