+ With versions of Amplify CLI @aws-amplify/cli@12.12.2
and API
+ Category
+ @aws-amplify/amplify-category-api@5.11.5
, an improvement was
+ made to how relational field data is handled in subscriptions when
+ different authorization rules apply to related models in a schema. The
+ improvement redacts the values for the relational fields, displaying them
+ as null or empty, to prevent unauthorized access to relational data. This
+ redaction occurs whenever it cannot be determined that the child model
+ will be protected by the same permissions as the parent model.
+
+ Because subscriptions are tied to mutations and the selection set provided + in the result of a mutation is then passed through to the subscription, + relational fields in the result of mutations must be redacted. +
++ If an authorized end-user needs access to the redacted relational field + they should perform a query to read the relational data. +
++ Additionally, subscriptions will inherit related authorization when + relational fields are set as required. To better protect relational data, + consider modifying the schema to use optional relational fields. +
++ Based on the security posture of your application, you can choose to + revert to the subscription behavior before this improvement was made. +
+
+ To do so, use the subscriptionsInheritPrimaryAuth
feature
+ flag under graphqltransformer
in the{' '}
+ amplify/backend/cli.json
file.
+
+ With Amplify Data Construct @aws-amplify/data-construct@1.8.4
+ , an improvement was made to how relational field data is handled in
+ subscriptions when different authorization rules apply to related models
+ in a schema. The improvement redacts the values for the relational fields,
+ displaying them as null or empty, to prevent unauthorized access to
+ relational data.
+
+ This redaction occurs whenever it cannot be determined that the child + model will be protected by the same permissions as the parent model. +
++ Because subscriptions are tied to mutations and the selection set provided + in the result of a mutation is then passed through to the subscription, + relational fields in the result of mutations must be redacted. +
++ If an authorized end-user needs access to the redacted relational fields, + they should perform a query to read the relational data. +
++ Additionally, subscriptions will inherit related authorization when + relational fields are set as required. To better protect relational data, + consider modifying the schema to use optional relational fields. +
+
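Review bot: the Data Construct paragraph (starting "With Amplify Data Construct @aws-amplify/data-construct@1.8.4") drops the opt-out guidance that the CLI paragraph carries ("To do so, use the subscriptionsInheritPrimaryAuth feature flag under graphqltransformer in the amplify/backend/cli.json file"), so a Data Construct user is told the behavior changed but not whether or how it can be reverted; either document the equivalent setting for the construct or state explicitly that no opt-out exists there. The revert sentence in both places ("Based on the security posture of your application, you can choose to revert to the subscription behavior before this improvement was made") should also name what reverting re-enables: relational field values will again be delivered in subscription payloads without the child model's authorization rules being enforced, which is the unauthorized access the redaction was added to prevent, so readers can weigh that risk rather than treat the flag as a compatibility toggle. Minor consistency point: the CLI text reads "the redacted relational field they should perform a query" while the construct text reads "the redacted relational fields, they should perform a query"; align both on the plural with the comma.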