Description
Describe the content issue:
In various examples you see descriptions of authorization operations like this:
const schema = a.schema({
Post: a.model({
content: a.string()
}).authorization(allow => [
// Allow anyone auth'd with an API key to read everyone's posts.
allow.publicApiKey().to(['read']),
// Allow signed-in user to create, read, update,
// and delete their __OWN__ posts.
allow.owner(),
])
})
But nowhere that I can find is there a table (or something) with an explanation of each of these operations:
operations: ("create" | "update" | "delete" | "read" | "get" | "list" | "sync" | "listen" | "search")
For example, I have one row in a table that belongs to each user and I want the users to be able to only get their own row so clearly I need "get", but I also want them to be able to listen for changes so I don't have to poll. So will "listen" work for that, or listen only works with "list"? And now that I'm looking at that, what's the difference between "list" and "search"??? I'm left to experiment instead of just looking over a table in the documentation to arrive at my answers.
This should also include stuff like "read" encompasses "get", "list", "listen", and "search"? What's "sync" and does "update" include that? Or if you have "read" and "update", does that encompass "sync"?
It would also be nice if there was some sort of mapping from these to the common calls you can make on a model, for example which authorization operations allow me to do:
client.models.Todo.observeQuery().subscribe(
URL page where content issue is:
I suggest this location for documenting this, but wouldn't hurt to link to it from some other places that talk about querying/creating/updating data:
https://docs.amplify.aws/angular/build-a-backend/data/customize-authz