How to authorize data access in AWS Amplify by user custom claims?

By -

I am new to aws amplify and have started studying the documentation to see if my application can fit into a completely serverless framework with the help of Amplify.

My main doubts are related to the Authentication and the consequent authorization of the contents.

I try to briefly explain how my app should be organized so as to ask the right questions about my doubts.

imagine an app where vendors sell products to customers. so I will have two user groups: "sellers" and "customers".

I add a detail, the sellers should be associated with a shop. Thus the sellers associated with the same "shop id" can manage the same data.

Here comes the first question:

  1. How can I save this information, linked to the single user so that he can easily be authorized to access the data concerning the same shop?

Second question for now :)

  1. when I create a new model in "datastore" on the right it is possible to choose the authorization permissions, but these only allow me to set them according to "groups" or "owner". But I would like them to also be based on the "shop id". For example: all users who have associated the "claim" "shop id" with their users can see and modify the data of that shop


from Recent Questions - Stack Overflow https://ift.tt/3AEI2sY
https://ift.tt/eA8V8J

Comments

Post a Comment

Popular posts from this blog

Spring Elasticsearch Operations

By -
Elasticsearch Operations Spring Data Elasticsearch uses two interfaces to define the operations that can be called against an Elasticsearch index. These are ElasticsearchOperations and ReactiveElasticsearchOperations. Whereas the first is used with the classic synchronous implementations, the second one uses reactive infrastructure. The default implementations of the interfaces offer: Read/Write mapping support for domain types. A rich query and criteria api. Resource management and Exception translation. ElasticsearchTemplate The ElasticsearchTemplate is an implementation of the ElasticsearchOperations interface using the Transport Client. @Configuration public class TransportClientConfig extends ElasticsearchConfigurationSupport {   @Bean   public Client elasticsearchClient() throws UnknownHostException {                      Settings settings = Settings.builder().put("cluster.name", "elasticsearch")....
Read more

Network Error and Timeout on Authorize.net JS

By -
i am using authorize.net acceptUI.js in order to create a hosted payment form for credit card acceptance. The problem arising now is that, going on the checkout page, I have the following console message: GET https://js.authorize.net/v3/AcceptUI.js net::ERR_NAME_NOT_RESOLVED Which is weird, cause I cannot ping the domain or anything, as my computer cannot resolve the domain. However, this issue is also reported by individual customers and it seems to be sporadically and not happening the entire time, cause i can see other orders going through. Does anyone know how such an error can be caused, or any ideas how it can be resolved? Thanks for your help EDIT: I just checked the A DNS record for js.authorize.net and am getting the following result only: js.authorize.net. 100 IN CNAME js.authorize.net.cdn.cloudflare.net. Doing the same for js.authorize.net.cdn.cloudflare.net. does not return an A Record, unless I specifically instruct to use 1.1.1.1 as DNS server I...
Read more

Object oriented programming concepts (OOPs)

By -
Object-oriented programming (OOP) is a programming paradigm based on the concept of "objects". Re-usability is the main concept of Oops. There are few major principles of object-oriented paradigm. If any programming Language supports this principles that programming language called Object-oriented programming. Below are object oriented programming concepts : 1. Object        Read More about Object     http://theprogrammersfirst.blogspot.in/2016/07/java-object-concept.html
Read more