supabase
Foreign keys on non-null columns should produce nullable GraphQL relationships due to RLS
In version 1.2.3, a bugfix was introduced to make relationships non-nullable if the foreign key column is non-nullable.
However due to RLS, it is possible that a non-nullable foreign key column produces a relationship that returns null.
My team recently faced this as we're building an access-control system that limits which entities a user can access. e.g. a user might have access to an entity with a non-nullable foreign key field subsystemId, but the administrator may disable view access to that specific subsystem. When performing the query:
fragment X on Component {
subsystemId
subsystem {
id
name
}
}
...the user will receive subsystemId: "a5ff110a-4d69-4ea5-af83-d02086e9215f", but RLS prevents them from viewing the data on Subsystem:a5ff110a-4d69-4ea5-af83-d02086e9215f, resulting in the response:
{
// -- snip --
"subsystemId": "a5ff110a-4d69-4ea5-af83-d02086e9215f",
"subsystem": null
}
Expected behavior All GraphQL relationships should default to nullable, or a configuration setting should be provided to opt-in to nullable relationships by default.
Expanding the scope on this to:
- Default all fkey linked relations to to nullable when RLS is enabled
- add a comment directive
@graphql({"nullable": <bool>})oncolumnsandforeign keys(including comment directive foreign keys) to allow overriding the default
did we ever add a comment directive @graphql({"nullable":
COMMENT ON CONSTRAINT favorites_user_id_work_id_key ON userspace.favorites IS E'@graphql({"nullable": true})';
and it doesn't seem to register
sorry for the big delay on this one. I initially thought we needed to wait until 2.0 but since returned values aren't validated against the schema this can roll out safely
Once it merges we'll cut a new release for it