Multi-user data access not working (Android)

[stam0912]

Description

I configured multiple authorization rules in my schema to allow a dynamic set of user and the admin group to have access to the data. Both auth rules were working fine before until I upgrade the packages to the following version. Now only the admin group auth rule works. And this issue was only found in Android (tested on Android 14 physical device).

amplify_api 2.5.0
amplify_auth_cognito 2.5.0
amplify_datastore 2.5.0
amplify_flutter 2.5.0
amplify_storage_s3 2.5.1

Categories

• Analytics
• API (REST)
• API (GraphQL)
• Auth
• Authenticator
• DataStore
• Notifications (Push)
• Storage

Steps to Reproduce

1. Use the schema I provide below
2. create user
3. create device record and add the userId to the userId field
4. login and start datastore

Screenshots

Part of the error messages

API sync failed - transitioning to LOCAL_ONLY.
DataStoreException{message=DataStore subscriptionProcessor failed to start., cause=GraphQLResponseException{message=Subscription error for Device: [GraphQLResponse.Error{message='Validation error of type UnknownArgument: Unknown field argument userId @ 'onDeleteDevice'', locations='null', path='null', extensions='null'}], errors=[GraphQLResponse.Error{message='Validation error of type UnknownArgument: Unknown field argument userId @ 'onDeleteDevice'', locations='null', path='null', extensions='null'}], recoverySuggestion=See attached list of GraphQLResponse.Error objects.}, recoverySuggestion=Check your internet.}
at com.amplifyframework.datastore.syncengine.Orchestrator.lambda$startApiSync$4$com-amplifyframework-datastore-syncengine-Orchestrator(Orchestrator.java:344)
at com.amplifyframework.datastore.syncengine.Orchestrator$$ExternalSyntheticLambda10.subscribe(D8$$SyntheticClass:0)
at io.reactivex.rxjava3.internal.operators.completable.CompletableCreate.subscribeActual(CompletableCreate.java:40)
at io.reactivex.rxjava3.core.Completable.subscribe(Completable.java:2850)
at io.reactivex.rxjava3.internal.operators.completable.CompletablePeek.subscribeActual(CompletablePeek.java:51)
at io.reactivex.rxjava3.core.Completable.subscribe(Completable.java:2850)
at io.reactivex.rxjava3.internal.operators.completable.CompletablePeek.subscribeActual(CompletablePeek.java:51)
at io.reactivex.rxjava3.core.Completable.subscribe(Completable.java:2850)
at io.reactivex.rxjava3.internal.operators.completable.CompletablePeek.subscribeActual(CompletablePeek.java:51)
at io.reactivex.rxjava3.core.Completable.subscribe(Completable.java:2850)
at io.reactivex.rxjava3.internal.operators.completable.CompletableSubscribeOn$SubscribeOnObserver.run(CompletableSubscribeOn.java:64)
at io.reactivex.rxjava3.core.Scheduler$DisposeTask.run(Scheduler.java:614)
at io.reactivex.rxjava3.internal.schedulers.ScheduledRunnable.run(ScheduledRunnable.java:65)
at io.reactivex.rxjava3.internal.schedulers.ScheduledRunnable.call(ScheduledRunnable.java:56)
at java.util.concurrent.FutureTask.run(FutureTask.java:264)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:307)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:644)
at java.lang.Thread.run(Thread.java:1012)
Caused by: GraphQLResponseException{message=Subscription error for Device: [GraphQLResponse.Error{message='Validation error of type UnknownArgument: Unknown field argument userId @ 'onDeleteDevice'', locations='null', path='null', extensions='null'}], errors=[GraphQLResponse.Error{message='Validation error of type UnknownArgument: Unknown field argument userId @ 'onDeleteDevice'', locations='null', path='null', extensions='null'}], recoverySuggestion=See attached list of GraphQLResponse.Error objects.}
at com.amplifyframework.datastore.appsync.AppSyncClient.lambda$subscription$1(AppSyncClient.java:315)
at com.amplifyframework.datastore.appsync.AppSyncClient$$ExternalSyntheticLambda0.accept(D8$$SyntheticClass:0)
at com.amplifyframework.api.aws.SubscriptionEndpoint$Subscription.dispatchNextMessage(SubscriptionEndpoint.java:461)
at com.amplifyframework.api.aws.SubscriptionEndpoint.notifySubscriptionData(SubscriptionEndpoint.java:257)
at com.amplifyframework.api.aws.SubscriptionEndpoint.-$$Nest$mnotifySubscriptionData(Unknown Source:0)
at com.amplifyframework.api.aws.SubscriptionEndpoint$AmplifyWebSocketListener.processJsonMessage(SubscriptionEndpoint.java:644)
at com.amplifyframework.api.aws.SubscriptionEndpoint$AmplifyWebSocketListener.onMessage(SubscriptionEndpoint.java:544)
at okhttp3.internal.ws.RealWebSocket.onReadMessage(RealWebSocket.kt:392)
at okhttp3.internal.ws.WebSocketReader.readMessageFrame(WebSocketReader.kt:255)

Platforms

• iOS
• Android
• Web
• macOS
• Windows
• Linux

Flutter Version

3.24.4

Amplify Flutter Version

2.5.0

Deployment Method

Amplify CLI (Gen 1)

Schema

type User
  @model
  @auth(
    rules: [
      { allow: owner, ownerField: "id" }
      { allow: groups, groups: ["Admin"] }
    ]
  ) {
  id: ID!
  username: String!
  email: String
}

type Device
  @model
  @auth(
    rules: [
      { allow: owner, ownerField: "userId" }
      { allow: groups, groups: ["Admin"] }
    ]
  ) {
  id: ID!
  uuid: ID! @index(name: "byUUID", queryField: "getDeviceByUUID")
  userId: [String]
}

[ekjotmultani]

Hi @stam0912, thanks for taking the time to raise this issue, I'm sorry you are facing this problem. We will investigate and get back to you with an update when we have one