This should just work.
If you go look at your AppSync API's request mapping template for the mutation that you're using to create a new record, you should see a section like this in the VTL that Amplify generated for you:
## [Start] Owner Authorization Checks **
#set( $isOwnerAuthorized = false )
## Authorization rule: { allow: owner, ownerField: "owner", identityClaim: "cognito:username" } **
#set( $allowedOwners0 = $util.defaultIfNull($ctx.args.input.owner, null) )
#set( $identityValue = $util.defaultIfNull($ctx.identity.claims.get("username"), $util.defaultIfNull($ctx.identity.claims.get("cognito:username"), "___xamznone____")) )
#if( $util.isList($allowedOwners0) )
#foreach( $allowedOwner in $allowedOwners0 )
#if( $allowedOwner == $identityValue )
#set( $isOwnerAuthorized = true )
#end
#end
#end
#if( $util.isString($allowedOwners0) )
#if( $allowedOwners0 == $identityValue )
#set( $isOwnerAuthorized = true )
#end
#end
#if( $util.isNull($allowedOwners0) && (! $ctx.args.input.containsKey("owner")) )
$util.qr($ctx.args.input.put("owner", $identityValue))
#set( $isOwnerAuthorized = true )
#end
## [End] Owner Authorization Checks **
Look at the line toward the bottom: $util.qr($ctx.args.input.put("owner", $identityValue)) -- this is what's setting the owner property, assuming the input didn't already contain an owner property.
So, here are the reasons I can think of for why mutations issued from your code might not be ending up with owner:
Are you sure you're logged in to your app and that you're submitting your GraphQL mutation using the AMAZON_COGNITO_USER_POOLS authorization mode? If you're authorizing the request via, say IAM, you won't have an owner come through the identity claims.
Are you passing a blank value in for owner in the input you're sending? This would prevent it from being assigned to the cognito username in the mapping template.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
