GraphQL Creating new User-Realm-Permission

ros

#1

I’m trying to create user, realm and add permission to created user to created realm.
I have running Realm Object Server version 3.17.1 in docker.

If I get access token to __admin realm and try to execute graphql mutations on http://localhost:9080/graphql/__admin

  1. create account
{"query":"mutation addAccount($accountInput: AccountInput) { 
     addAccount(input: $accountInput) {provider, providerId}}",
 "variables":{"accountInput":{"providerId":"test","provider":"password"}},
 "operationName":"addAccount"}
  1. create user
{"query":"mutation addUser($userInput: UserInput) {
      addUser(input: $userInput) {userId, isAdmin, accounts{provider, providerId}, metadata{key, value}, status }}",
  "variables":{"userInput":{"userId":"test","isAdmin":false,"accounts":[{"providerId":"test","provider":"password"}]}},
  "operationName":"addUser"}
  1. create realm
{"query":"mutation addRealmFile($realmFileInput: RealmFileInput) { 
      addRealmFile(input: $realmFileInput) {path, realmType, syncLabel, owner{userId, isAdmin}, createdAt, lastVacuumed }}",
  "variables":{"realmFileInput":{"path":"/cl_test","realmType":"reference","syncLabel":"default","createdAt":"2019-02-06T18:00:15.172298"}},
  "operationName":"addRealmFile"}
  1. add permission
{"query":"mutation addPermission($permissionInput: PermissionInput) { 
     addPermission(input: $permissionInput) {user{userId, isAdmin}, realmFile{path, realmType, syncLabel, createdAt}, mayRead, mayWrite, mayManage, updatedAt}}",
  "variables":{"permissionInput":{"user":{"userId":"test"},"realmFile":{"path":"/cl_test"},"mayRead":true}},
  "operationName":"addPermission"}

ends with error Attempting to create an object of type ‘User’ with an existing primary key value ‘‘test’’.

How can be new user with permission to newly created realm created? How the procedure looks like.


#2

@ladislav.kaiser7931 Wow you definitely should not be editing the __admin realm if possible - this could easily bork your system if not done properly which is why we hide it and provide public APIs which under the hood edit the __admin realm in a safe way.

I would recommend implementing an admin node-js app that calls our well known Realm.Sync.User.login() and Realm.open APIs to implement what you are describing.

https://docs.realm.io/sync/backend-integration/data-integration