-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsecure.html
More file actions
84 lines (70 loc) · 4.28 KB
/
Copy pathsecure.html
File metadata and controls
84 lines (70 loc) · 4.28 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
---
layout: default
---
<div class="content">
<h1>Secure <span class="extends">mixin, mixins <a href="component">Component</a></span></h1>
<p><u>Secure</u> is a mixin interface that Tyranid users can implement to secure Tyranid queries, updates, and REST endpoints.</p>
<p>Call <u><a href="tyr#mixin">Tyr.mixin</a>(<i>your class</i>, Tyr.Secure)</u> on your class to mix in the security functionality.</p>
<p>Register your <u>Secure</u> implementation with Tyranid by passing it into the <a href="tyr#config"><u>Tyr.config()</u></a> call.</p>
<article id="permissions">
<span class="sig">permissions</span>
<p>By default Tyranid will use the following permissions automatically in its built-in methods.</p>
<pre><code class="js">permissions: {
find: 'find', <i>// find*(), by*() methods</i>
insert: 'insert', <i>// insert(), save() when inserting, $insert() methods</i>
update: 'update', <i>// update(), save() when updating, $update() methods</i>
remove: 'remove' <i>// remove(), $remove() methods</i>
},</code></pre>
<p>If you would like to override the default permissions (for example, to rename 'remove' to 'delete' or to collapse insert/update into an 'edit' permission)
you can configure that using the <u>permissions</u> option on config.</p>
</article>
<h2 id="accessResult">AccessResult</h2>
<p>This result is returned by <a href="#checkAccess"><u>checkAccess()</u></a> and stored on <a href="document"><u>Document</u>'s</a>
<a href="document#$access"><u>$access</u></a> property.
<table class="def">
<thead>
<tr><th>Option<th>Type<th>Notes
<tbody>
<tr><td>{</td>
<tr><td> allowed:<td>boolean<td>Indicates whether the end-user has query-level access to this document.
<tr><td> fields: {<td>
<tr><td> effect:<td>'allow' | 'deny'<td>Indicates whether the following fields are specifically allowed or denied.
<tr><td> names:<td>string[]<td>An array of field names that are either to be allowed or denied.
<tr><td> }</td>
<tr><td> reason?:<td>string<td>Contains any human-readable explanation for access denial.
<tr><td>}</td>
</table>
<h2>instance</h2>
<article id="canInsert">
<b class="async"></b>
<b class="method"></b>
<b class="server"></b>
<span class="sig">canInsert(collection: <a href="collection">Collection</a>,<br>
<div style="padding-left:180px;">document: <a href="document">Document</a> | object,</div>
<div style="padding-left:180px;">perm: <u>string</u>,</div>
<div style="padding-left:180px;">authObj: any): <u>boolean</u></div></span>
<p>If a <u>Secure</u> component is registered with Tyranid, Tyranid will invoke the <u>canInsert()</u> method to determine whether
a document can be inserted into the given collection.</p>
</article>
<article id="checkAccess">
<b class="async"></b>
<b class="method"></b>
<b class="server"></b>
<span class="sig">checkAccess(document: <a href="document">Document</a>,</br>
<div style="padding-left:204px;">perm: string,</div>
<div style="padding-left:204px;">authObj: any),</div>
<div style="padding-left:204px;">opts: <a href="collection#options">Options</a>): <a href="#accessResult"><u>AccessResult</u></a></div></span>
<p>If a <u>Secure</u> component is registered with Tyranid, Tyranid will invoke the <u>checkAccess()</u> method to populate the
<a href="document#$access"><u>Document.$access</u></a> object for later use by <a href="document#$redact"><u>Document.$redact()</u></a>.
</article>
<article id="query">
<b class="async"></b>
<b class="method"></b>
<b class="server"></b>
<span class="sig">query(collection: <a href="collection">Collection</a>,<br>
<div style="padding-left:134px;">perm: <u>string</u>,</div>
<div style="padding-left:134px;">authObj: any): <i>MongoDB query object</i></div></span>
<p>If a <u>Secure</u> component is registered with Tyranid, Tyranid will invoke the <u>query()</u> method to add additional
restrictions to its find methods when working with data.</p>
</article>
</div>