Comments (8)
Okay this is a related but different case than PR.
You've got 2 functions get_....(uuid)
(omitted for privacy) that return setof <some_view>
we currently check that the returned entity is selectable
before exposing a function in the GraphQL AP. The 2 views ARE selectable by authenticated
and anon
but the views don't define a primary key so their associated types are omitted from the __Schema, making the function's reference invalid.
I think the outcome you're looking for is to be able to query the two views. To do that you can add a comment directive primary key to make them show up in the GraphQL API
comment on view "or...ers" is e'@graphql({"primary_key_columns": ["col1", "col2"]})';
comment on view "us....ture" is e'@graphql({"primary_key_columns": ["col1", "col2"]})';
and then you won't need the get_...
functions because the views are queryable just like your tables.
More info here https://supabase.github.io/pg_graphql/views/
If that assumption was wrong, and you want to exclude the 2 get_...
functions instead: you can revoke execute permission for the anon, authenticated, and public roles to remove them from your API, which will also solve the introspection issue.
revoke execute on function get_orgusers from anon, public;
revoke execute on function get_user_access_structure from anon, public;
and your schema will load, but you won't be able to query those functions
from pg_graphql.
Since we don't have a reproduction case, could you please send your project_ref so I can investigate it?
Its most likely the issue solved by this PR
from pg_graphql.
Since we don't have a reproduction case, could you please send your project_ref so I can investigate it?
Its most likely the issue solved by this PR
Interesting.
The project's url is this https://supabase.com/dashboard/project/fkdkdrrilrzbkvtqglhy
Does this help?
I see that PR was already merged. How could I make use of it to solve my case?
from pg_graphql.
renaming this issue for tracking
from pg_graphql.
TODO: update this logic
Lines 1290 to 1299 in 2bb35d5
to make sure they table/view will be in the schema.
The logic should be the same as in __Schema
Lines 3955 to 3959 in 2bb35d5
its a small/simple change
from pg_graphql.
Interesting.
Thanks.
In this case, if I revoke those permissions, my server-side authenticated token (aka "the app") will still be able to call those functions, right?
If that assumption was wrong, and you want to exclude the 2
get_...
functions instead: you can revoke execute permission for the anon, authenticated, and public roles to remove them from your API, which will also solve the introspection issue.and your schema will load, but you won't be able to query those functions
In the side notes...I hope this has helped supabase to get better :)
from pg_graphql.
if I revoke those permissions, my server-side authenticated token (aka "the app") will still be able to call those functions, right?
If you change the permissions (option 2) you would be able to call the functions using a direct database connection but not over the API as an anonymous or authenticated user.
if you set the comment directive (option 1) you will be able to access the functions over the API and via direct connection
from pg_graphql.
In the side notes...I hope this has helped supabase to get better :)
it did! thanks for reporting
from pg_graphql.
Related Issues (20)
- Stored Procedures are not being displayed as GraphQL Mutations. HOT 4
- Some feature requests HOT 4
- Extend inflect_names usage HOT 6
- Conditionally disable Relay wraparound HOT 2
- Conditionally exclude fields from Query HOT 5
- How to work with joins that don't rely on foreign keys (unique) HOT 3
- implement missing GraphQL spec validations
- functions in public schema are not exposed via graphql HOT 4
- Return json/jsonb columns as json in response instead of string HOT 1
- Result::unwrap() on an Err value: PoisonError { .. } HOT 6
- Introspection Timeout after upgrade from 1.2 to 1.5 HOT 12
- RLS without Supabase HOT 5
- Document that `serial` and `generated` columns are not in `insert` and `update` mutations HOT 1
- Naming reverse related fields HOT 4
- supabase graphql endpoint returns 401 {"message":"invalid signature"} on call with valid jwt in Authorization: Bearer header HOT 5
- UDF nullable arguments not being translated properly HOT 3
- How to use supabase graphql api for supabase auth managerment? HOT 4
- Computed field returning a composite type is always null HOT 7
- Index out of bounds when creating a relation with a stripe foreign table HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from pg_graphql.