bryanjnelson
commented
3 months ago So you did end up combining UserStamped and TimeStamped into Audited?
Closed CarsonF closed 2 months ago
bryanjnelson
commented
3 months ago So you did end up combining UserStamped and TimeStamped into Audited?
CarsonF
commented
3 months ago So you did end up combining
UserStampedandTimeStampedintoAudited?
Yeah. I thought UserStamped made less sense with the change to Actor. Looking around Audited was suggested. And with that it made sense to include timestamps in that name. Plus it doesn't really make sense to have users/actors without timestamps.
bryanjnelson
commented
3 months ago Yeah, I like it. Seems simplified...but yet at the same time more robust.
This kinda ballooned into several related refactors.
Our authorization system is rule based. i.e. we don't have an ACL lists in our data. We felt like
ownersviolated this principle. It served as the object's creator, but also was mutable to allow an owner change. The waters mudded more with Users, and how they were "owned".So
owner(schema & policy conditions) is replaced bycreatedBy/creator. This has clearer split between raw data & authorization rules based on real data.Related, we've also wanted to track who creates & modifies most things. So to solve this we have
Auditedthat holdscreatedBy&modifiedBy.Resourcewas updated to extendAuditedso most things can have this tracked now in a standard way.We wanted these creators/modifiers to be required, as it's always someone that's making these changes. But there are edge cases. So now we have
Actortype that's barebones and haveUser&SystemAgentextend from that. Hopefully a few pre-definedSystemAgentshelp fulfill these edge cases.Finally I replaced the
currentUseraliaswith a fewglobals. https://github.com/SeedCompany/cord-api-v3/blob/0c18f9b7501d34c07b95291000a449531014ffec/dbschema/common.esdl#L3-L6 Globals (single, not multi) are evaluated once per query, so this should help with performance. And be less ambiguous in use.