HOME DOCS PWA ABOUT
Discord
  1. Replicator
    1. Write
    2. Read
    3. Authorization
    4. Distribution
    5. Purge Conditions
    6. Upgrading the Container
  2. Concepts
    1. Storing Information
    2. Writing Specifications
    3. Projecting Results
  3. Create an App
    1. Create React App
    2. Install Jinaga
    3. Define a Model
    4. Initialize a Starting Point
    5. Declare a Component
    6. Match Successor Facts
    7. Select a Sub-Specification
    8. Filter Out Prior Versions
  4. Conventions
    1. JavaScript
    2. TypeScript
  5. Reference
    1. JinagaBrowser.create
    2. buildModel
    3. j.login
    4. j.fact
    5. given.match
    6. j.query
    7. j.watch
    8. j.hash
    9. AuthorizationRules
    10. JinagaTest.create
  6. Exporting Facts
    1. JSON File Format
    2. Factual File Format
    3. Exporting from Postgres
  1. Reference

AuthorizationRules

An authorization function takes an AuthorizationRules object as a parameter.

const authorization = (a: AuthorizationRules) => a
  .any(AnybodyCanCreate)
  .no(NobodyCanCreate)
  .type(PredecessorCanCreate, x => x.predecessor)
  .type(SiblingCanCreate, siblingSpecification)
  .with(otherAuthorizationFunction)
  ;

It defines rules using the any, no, and type methods. It composes other authorization functions using the with method.

AuthorizationRules.any

This rule allows any user to create facts of the given type. This cannot be combined with other rules for the same type.

const authorization = (a: AuthorizationRules) => a
  .any(AnybodyCanCreate)
  ;

AuthorizationRules.no

This rule forbids any user from creating facts of the given type. This cannot be combined with other rules for the same type.

const authorization = (a: AuthorizationRules) => a
  .no(NobodyCanCreate)
  ;

AuthorizationRules.type

This rule allows certain users to create facts of the given type. Pass a function or specification that selects the users who can create the fact.

If the creator of the fact is a predecessor, pass a function that selects the predecessor.

const authorization = (a: AuthorizationRules) => a
  .type(Post, x => x.site.owner)
  ;

If the creator of the fact is not a predecessor, pass in a specification that matches authorized users.

For example, suppose that guests can be invited to post on a site.

%0 Site Site User User Site->User owner GuestInvitation GuestInvitation GuestInvitation->Site GuestInvitation->User guest Post Post Post->Site

This authorization rule allows guest bloggers to post to the site.

const guestBloggers = model.Given(Post).match(post =>
  post.site.successors(GuestInvitation, invitation => invitation.site)
    .selectMany(invitation => invitation.successors(User, user => user))
);

const authorization = (a: AuthorizationRules) => a
  .type(Post, guestBloggers)
  ;

This kind of rule can be combined with other rules for the same type. A user can create a fact if they match any of those rules.

AuthorizationRules.with

Compose authorization functions using the with method.

const otherAuthorizationFunction = (a: AuthorizationRules) => a
  // ...
  ;

const authorization = (a: AuthorizationRules) => a
  .with(otherAuthorizationFunction)
  ;

You will typically build your model in sections. Each section will define a set of types and authorization rules. Then you will compose those sections together to create the final model.

Continue With

JinagaTest.create

Jinaga is a product of Jinaga LLC.

Michael L Perry, President