ContextQMD
Back to Graphql Engine

Actions Permissions

docs/docs/actions/action-permissions.mdx

2.49.21.6 KB
Original Source

import Tabs from '@theme/Tabs'; import TabItem from '@theme/TabItem'; import Thumbnail from '@site/src/components/Thumbnail';

Actions Permissions

Introduction

As with the other fields in the GraphQL schema, users need to be given access to an action.

Set action permissions

<Tabs groupId="user-preference" className="api-tabs"> <TabItem value="console" label="Console">

Head to the Actions -> [action-name] -> Permissions tab in the Console.

<Thumbnail src="/img/actions/actions-permissions.png" alt="Console action permission" />

Hit Save to give the role permission to access the action.

</TabItem> <TabItem value="cli" label="CLI">

Go to metadata/actions.yaml in the Hasura Project directory.

Update the definition of the insertAuthor action as:

yaml
- actions
  - name: insertAuthor
    definition:
      kind: synchronous
      handler: '{{ACTIONS_BASE_URL}}/insertAuthor'
    permissions:
    - role: user
    - role: publisher

Save the changes and run hasura metadata apply to set the permissions.

</TabItem> <TabItem value="api" label="API">

Action permissions can be set by using the create_action_permission Metadata API:

http
POST /v1/metadata HTTP/1.1
Content-Type: application/json
X-Hasura-Role: admin

{
  "type": "create_action_permission",
  "args": {
    "action": "insertAuthor",
    "role": "user"
  }
}
</TabItem> </Tabs>

:::info Additional Resources

Introduction to Hasura Actions - View Recording.

:::