Exercise 12: Add fine grained permissions (BONUS)

If you got this far, congratulations! I though this was too much for the 6 hour workshop.

If you are just checking bonus tasks, that's cool too, consider this a homework 😉

Task

If you tried to login from two different browsers, you probably noticed that each user can modify and delete all meetups, even if the user is not the owner. Your task is to add roles and permissions, so just owners can delete and edit an existing meetup.

Hints

You can set the roles and permissions using the @auth GraphQL transformation. To read more about this, visit https://aws-amplify.github.io/docs/cli-toolchain/graphql#auth.
Adding auth will require GraphQL schema update, to do so, edit the "amplify/backend/api/meetup/schema.graphql" file (make sure you put your project name instead of "meetup"), and the run the following command to deploy the update:
```
amplify api update
```

results matching ""

No results matching ""