HOME DOCS PWA ABOUT
Discord
  1. Replicator
    1. Write
    2. Read
    3. Authorization
    4. Distribution
    5. Purge Conditions
    6. Upgrading the Container
  2. Concepts
    1. Storing Information
    2. Writing Specifications
    3. Projecting Results
  3. Create an App
    1. Create React App
    2. Install Jinaga
    3. Define a Model
    4. Initialize a Starting Point
    5. Declare a Component
    6. Match Successor Facts
    7. Select a Sub-Specification
    8. Filter Out Prior Versions
  4. Conventions
    1. JavaScript
    2. TypeScript
  5. Reference
    1. JinagaBrowser.create
    2. buildModel
    3. j.login
    4. j.fact
    5. given.match
    6. j.query
    7. j.watch
    8. j.hash
    9. AuthorizationRules
    10. JinagaTest.create
  6. Exporting Facts
    1. JSON File Format
    2. Factual File Format
    3. Exporting from Postgres
  1. Replicator

Authorization

Securing your replicator is done via source code. Add authorization and distribution rules to your model, and deploy to the replicator as a build step.

Write your authorization rules in the client. These go with your model. To better organize your code, collect the rules related to a small number of facts into a single function. For example:

export const projectAuthorization = (a: AuthorizationRules) => a
  .type(Project, p => p.creator)
  .type(ProjectName, n => n.project.creator)
  .type(ProjectName, n => n.project.successors(Invitation, invitation => invitation.project)
    .selectMany(invitation => invitation.successors(User, user => user))
  )
  ;

Then you can compose these functions into one central rule set.

export const authorization = (a: AuthorizationRules) => a
  .with(userAuthorization)
  .with(projectAuthorization)
  .with(taskAuthorization)
  ;

Create a file called output-authorization.ts in your project. Use the describeAuthorizationRules function to turn those rules into text. Then upload them to your replicator.

The following code works with Node 18.

import { describeAuthorizationRules } from "jinaga";
import { authorization, model } from "./model";

const postData = describeAuthorizationRules(model, authorization);
const url = process.argv[2];
const bearerToken = process.argv[3];

// POST the authorization rules to the replicator.
fetch(url, {
  method: "POST",
  headers: {
    "Content-Type": "text/plain",
    "Authorization": `Bearer ${bearerToken}`
  },
  body: postData
}).then(response => {
  if (response.status === 201) {
    console.log("Authorization rules updated.");
  } else {
    console.log(`Error updating authorization rules: ${response.status} ${response.statusText}`);
    process.exit(1);
  }
});

Finally, create an NPM script to compile and run that file.

"scripts": {
  "deploy:authorization": "tsc ./src/output-authorization.ts --outDir ./deploy && node ./deploy/output-authorization.js"
}

To deploy authorization rules, pass the authorization endpoint and secret as command-line parameters. As an application developer, you can do this by creating a private Bash script that contains your replicator endpoint and secret. Do not check this script into source contol.

npm run deploy:authorization https://rep.jinaga.com/xxxxxxx/authorization yyyyyyy

On a CI/CD server, get the endpoint and secret from build parameters.

Continue With

Distribution

Jinaga is a product of Jinaga LLC.

Michael L Perry, President