david 5 months ago
parent
commit
ca42c6bd43
1 changed file with 13 additions and 5 deletions

+ 13 - 5
README.md

@@ -3,12 +3,20 @@
 This repository explores how to build a access control system on top of SurrealDB using TypeScript.
 We will build a nodejs backend command line application that uses the SurrealDB Javascript/Typescript SDK to connect to a local SurrealDB instance.
 We will authenticate with various users and display a list of 'product' entries from a test database.
+The built-in access control system in SurrealDB has "access granularity levels" for ```Root```, ```Namespace```, ```Database``` and ```Scope``` with the roles ```Owner```, ```Editor``` and ```Viewer```. ```DEFINE SCOPE``` is deprecated in favor of ```DEFINE ACCESS``` though.
 
-We will use ```DEFINE ACCESS``` statements to define roles based authentication. One of our test users should be able to fully access (create, read, update, delete)
-the 'product' entries the other one should not have access to the table and thus should not be able to retrieve a list of products.
+We will use ```DEFINE ACCESS``` statements to define a log in method that makes use of user entries in 
+a table aka ```record users``` which allows us to come up with a more fine grained access control system than the built-in one. We will have two test users one of which should be able to select from a *product* table and display a list of products. The other test user should not have access to this table.
 
-First we add the SDK to our project ```npm install --save surrealdb```.
-Then we need to initialize our database. ```ts-node backend/src/init_db.ts```
+First we add the SDK to our project.
+```bash
+npm install --save surrealdb
+```
+
+Then we need to initialize our database. 
+```bash
+ts-node backend/src/init_db.ts
+```
 
 ## The setup
 We have the three essential tables *user*, *role* and *product*. The table *product* could be replaced by 
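Review bot: The added sentence at the top of this hunk lists "Scope" as one of the access granularity levels carrying the Owner, Editor and Viewer roles, then immediately says DEFINE SCOPE is deprecated in favor of DEFINE ACCESS. A reader cannot tell which model the rest of the README follows. State the SurrealDB version this repository targets and use one term throughout, since the next paragraph already switches to "record users". In the same paragraph, the rewritten description breaks mid-sentence after "user entries in" with trailing whitespace, and "Then we need to initialize our database." also ends in a trailing space. The old text promised full create, read, update and delete access for the first test user, while the new text promises only select; if that narrowing is intentional, say so explicitly so the documented permission matches what init_db.ts grants. The install step adds only the surrealdb package while the next step calls ts-node, so note that ts-node is a prerequisite.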
@@ -29,7 +37,7 @@ For the actual table definitions see backend/src/init_db.ts.
 We create two example users *appuser1* and *appuser2* and the role *product_manager*. Also we 
 need a product so we create *testproduct* in the *product* table.
 
-Users having the role *product_manager* should be able to select from the *product* table the others should not. [*Record users*](https://surrealdb.com/docs/surrealdb/security/authentication#record-users) have 
+Users having the role *product_manager* should be able to select from the *product* table the others should not. [```Record users```](https://surrealdb.com/docs/surrealdb/security/authentication#record-users) have 
 no rights initially by definition and thus must be granted permissions first.
 
 So we create links from *user:appuser1* to *role:product_manager* in the *has_role* table and a link
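Review bot: The link text changed on the "+" line from emphasis to a triple-backtick code span, capitalized as "Record users", while the first hunk introduces the same term in lowercase as "record users". Pick one casing and one style for the term. It names a concept rather than an identifier, so the original emphasis, or a single-backtick span if code style is wanted, reads better inside a link than triple backticks. While touching this line, the sentence "should be able to select from the *product* table the others should not" needs a comma or semicolon before "the others", because it states the access rule the whole example depends on.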