I am attempting to apply field level access logic in KeystoneJS, as per these instructions.
The following hides a field fieldName from the admin UI:
fieldName: {
type: Text,
access: {
read: false,
update: false,
create: false
},
},
But the field is not hidden from the admin UI if I use an imperative approach. See below, which I would expect to produce the same result as the static approach above:
fieldName: {
type: Text,
access: {
read: ({ authentication: { item, listKey } }) => {
return false;
},
update: ({ authentication: { item, listKey } }) => {
return false;
},
create: ({ authentication: { item, listKey } }) => {
return false;
}
},
},
Am I missing something or is this a bug?
Advertisement
Answer
Imperative approach uses a function which can not be transferred to the client side.
Keystone uses maybe true false value for this. this means !!(() => {}) becomes true when generating admin ui metadata for fields in list.
there is a note in the section “Granular Imperative Boolean” which explains that these fields indeed gets included in graphql and ui but are excluded during execution.