Custom row select permission in Hasura based on value in different table

Question

I want to add a row permission to a table based on data in another table. Example:

tableA
keyA  | approved
----------------
key1  | false
key2  | true

tableB
keyB  | value
----------------
key1  | querying this row is not allowed
key2  | this row should be allowed

My feeling is this can be achieved by using "_exists" operator but I seem to be unable to manage it in the permission configuration. I expect something like this:

Row select permission on tableB:

{
  "_exists": {
    "_table": {
      "schema": "my-scheme",
      "name": "tableA"
    }, 
    "_where": {
      "_and":[
        {"keyA": {"_ceq": "keyB" }},
        {"approved": {"_eq": true }}
      ]
    }
  }
}

When I try with "_ceq" operator, Hasura offers only the columns from tableA where I would expect columns from tableB instead. Any ideas on that? Thanks!

I am using Docker hasura/graphql-engine:v1.3.2

Ok, I just found this https://github.com/hasura/graphql-engine/issues/7095#issuecomment-937840798, which seems the feature is included in Hasura v2. Will check... — rze, Oct 14 '21 at 13:27

score 0 · Answer 1 · answered Oct 14 '21 at 13:38

0

Nevermind, I found confirmation that this feature is only available starting from v2.0.0 https://github.com/hasura/graphql-engine/issues/7095#issuecomment-904250991 The "_c" operators now allow usage of "$" to reference the original table.

answered Oct 14 '21 at 13:38

rze

1

Custom row select permission in Hasura based on value in different table

1 Answers1