Unauthorized error when updating child object

[rohit3d2003]

Describe the bug

I followed the solution described in issue - #3797 but when the child object is deleted by Admin within Lambda, it gets successfully deleted by iOS data sync does not remove it. Since all this happened within Lambda, I am not sure how to debug it. I am not seeing any failure in iOS logs. Most likely something is wrong with solution and auth rule. Below is the graphql schema

type Child @model 
  @auth(rules: [
    { allow: owner, operations: [create, read, update, delete] },
    { allow: groups, groups: ["Admin"], operations: [create, read, delete, update] }
  ]) {
  id: ID!
  owner: String @auth(rules: [
    { allow: owner, operations: [create, read, delete] },
    { allow: groups, groups: ["Admin"], operations: [create, read, delete] }
  ])
}

type Parent @model 
  @auth(rules: [
   { allow: owner, operations: [create, read, update, delete] },
    { allow: groups, groups: ["Admin"], operations: [read, delete, update] }
  ]) {
  id: ID!
  children: [Child] @hasMany
  owner: String @auth(rules: [
    { allow: owner, operations: [create, read, delete] },
      { allow: groups, groups: ["Admin"], operations: [read, delete] }
  ])
}

Child object is deleted via Lambda by calling GraphQL API via one of the user which is part of Admin group.

Below is the suggested schema update in Issue 3797

type Child
  @model
  @auth(
    rules: [
      { allow: owner, operations: [create, read, update, delete] }
      {
        allow: groups
        groups: ["Admin"]
        operations: [create, read, delete, update]
      }
    ]
  ) {
  id: ID!
  owner: String
    @auth(
      rules: [
        { allow: owner, operations: [create, read, delete] }
        { allow: groups, groups: ["Admin"], operations: [create, read, delete] }
      ]
    )
  parentChildrenId: ID
    @auth(rules: [{ allow: owner, operations: [create, read, delete] }])
}

Below is what I have currently as I have given all permissions:

type Child @model 
  @auth(rules: [
    { allow: owner, operations: [create, read, update, delete] },
    { allow: groups, groups: ["Admin"], operations: [create, read, delete, update] }
  ]) {
  id: ID!
  owner: String @auth(rules: [
    { allow: owner, operations: [create, read, delete] },
    { allow: groups, groups: ["Admin"], operations: [create, read, delete] }
  ])
parentChildrenId: ID @auth(rules: [
    { allow: owner, operations: [create, read, update, delete] },
    { allow: groups, groups: ["Admin"], operations: [create, read, delete, update] }
  ])
}

type Parent @model 
  @auth(rules: [
  { allow: owner, operations: [create, read, update, delete] },
    { allow: groups, groups: ["Admin"], operations: [read, delete, update] }
  ]) {
  id: ID!
  children: [Child] @hasMany
  owner: String @auth(rules: [
    { allow: owner, operations: [create, read, delete] },
      { allow: groups, groups: ["Admin"], operations: [read, delete] }
  ])
}

Steps To Reproduce

1. Fetch an existing Child object that has parentChildId set to nil.
2. Delete child object via Lambda by calling GraphQL API in context of Admin user.

Expected behavior

iOS app should sync with DynamoDB as the item is deleted by DynamoDB

Amplify Framework Version

2.36

Amplify Categories

DataStore

Dependency manager

Swift PM

Swift version

5.10

CLI version

12.12.4

Xcode version

15.4

Relevant log output

<details>
<summary>Log Messages</summary>


INSERT LOG MESSAGES HERE

```

Is this a regression?

Yes

Regression additional context

No response

Platforms

iOS

OS Version

iOS 17.5

Device

iPhone 15

Specific to simulators

No response

Additional context

No response

[github-actions]

This issue is now closed. Comments on closed issues are hard for our team to see.
If you need more assistance, please open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.