|
|
@@ -1,12 +1,14 @@
|
|
|
# surreal_access_control_system
|
|
|
|
|
|
-This repository explores how to build a access control system on top of SurrealDB using TypeScript.
|
|
|
+This repository explores how to build a role based access control system on top of SurrealDB using TypeScript.
|
|
|
We will build a nodejs backend command line application that uses the SurrealDB Javascript/Typescript SDK to connect to a local SurrealDB instance.
|
|
|
We will authenticate with various users and display a list of 'product' entries from a test database.
|
|
|
The built-in access control system in SurrealDB has "access granularity levels" for ```Root```, ```Namespace```, ```Database``` and ```Scope``` with the roles ```Owner```, ```Editor``` and ```Viewer```. ```DEFINE SCOPE``` is deprecated in favor of ```DEFINE ACCESS``` though.
|
|
|
|
|
|
We will use ```DEFINE ACCESS``` statements to define a log in method that makes use of user entries in
|
|
|
-a table aka ```record users``` which allows us to come up with a more fine grained access control system than the built-in one. We will have two test users one of which should be able to select from a *product* table and display a list of products. The other test user should not have access to this table.
|
|
|
+a table aka ```record users```. This will allow us to come up with a more fine grained access control system than the built-in one.
|
|
|
+
|
|
|
+We will have two test users one of which should be able to select from a *product* table and display a list of products. The other test user should not have access to this table.
|
|
|
|
|
|
First we add the SDK to our project.
|
|
|
```bash
|
david