Forum Discussion

yogeshdixit's avatar
yogeshdixit
Ace
1 year ago
Solved

liqlAdmin in khoros aurora graphql API

Hi Folks,

I want to add roles to the users using graphQL API given below.

const ADD_USER_ROLE_MUTATION = gql`
    mutation addUsersToRole($roleKey: RoleKeyInput!, $users: [UserIdInput!]!) {
      addUsersToRole(roleKey: $roleKey, users: $users) {
        result {
          id
          name
        }
      }
    }
  `;
  const [addUserRole] = useMutation(ADD_USER_ROLE_MUTATION);


addUserRole({
              variables: {
                roleKey: { roleName: "role" },
                users: [{ id: userId }]
              }
            });

The issue I am facing is that when this mutation is executed by an Admin user, the role is successfully added to the target user. However, when the same mutation is executed by a normal user, it fails to add the role due to permission denied errors.

Is there a parameter or keyword that can be used in this mutation to allow a normal user to update their own roles or self-related data?

For example, in Khoros Classic, we can use the liqlAdmin keyword in REST API requests to bypass such permissions. Is there an equivalent for GraphQL in Khoros Aurora?

Thanks in Advance.

API
Aurora
graphQl
react
Rest API
REST API v2 & LiQL
  • saikumarn's avatar
    saikumarn
    1 year ago

    yogeshdixitChange the package name to "@customer/catfact-endpoint". If it still doesn’t work then request the Khoros support team to restart the community.

13 Replies

Show More
  • MattV's avatar
    MattV
    Khoros Staff
    1 year ago

    Right now looks like this is only available in endpoints. I don't remember exactly, but I think it has a bit to do with security. Running GraphQL calls as admin, like with restadmin in classic, is very dangerous and has the potential to expose sensitive data, or allow users to modify data they shouldn't.

    So I think for technical reasons, at least for now, it is only available in endpoints.

  • saikumarn's avatar
    saikumarn
    Advisor
    1 year ago

    yogeshdixit  We can use graphqlAdmin to give permission to normal user.

    Documentation: https://developer.khoros.com/khorosauroradevdocs/docs/working-with-endpoints#endpoint-module-file