search

deployd / docs

documentation for deployd
http://docs.deployd.com
29 stars 30 forks source link

Add documentation for BeforeRequest #62

Open andreialecu opened 8 years ago

andreialecu commented 8 years ago

https://github.com/deployd/deployd/pull/596

moorthi07 commented 6 years ago

We don't have documentation for both BeforeRequest and On AfterCommit.

  1. There is no dedicated page that explains "Collection Events" only. Or this topic "Adding Custom Business Logic with Events" - Looks like a guide than, listing the features.

We could also add a 'Security in Deployd' section and point to all the documents that are related to. As this is a standard terminology, will make it easier for quick reference.

Here is the documentation for BeforeRequest and AfterCommit. Pl. suggest your corrections and will add it to a new Help page ""Collection Events".

ON BEFOREREQUEST Called for each Http method call of a Collections Endpoint, like GET, PUT, POST, DELETE. This event can be used as a general security check point for that collection only like below.


if ((!me || me.id !== this.userId) && !internal){
     cancel("Unauthorized", 401);
}

Note: This above code applies for all four events. If your API doesn't need login for post or get , etc. You have to add this in each event.

You can also find open source modules in "modules link" for 'Security' modules to include in your project.

ON AFTERCOMMIT

Called after a POST / PUT / DELETE event is executed. You can use event for example, changing return values or sending out emails etc.

andreialecu commented 6 years ago

It's important to add that 'BeforeRequest' exposes a variable to scripts named event which can be GET, PUT, POST or DELETE. Also see https://github.com/deployd/deployd/pull/596#issuecomment-118377111

And AfterCommit has a similar method variable which can be POST or PUT.

moorthi07 commented 6 years ago

That is beautiful . Awesome. So, we will add this below example to the doc. (including for aftercommit). Do you have any example code that modify the return value On AfterCommit?

I think we should directly start editing in the Documents repo.

if (!me) cancel("Not authorized", 401); // don't allow anyone in that is not authorized

switch (event) { case "GET": if (!ctx.query.$limit || ctx.query.$limit > 20) ctx.query.$limit = 20; // max 20 results break; case "PUT": // something for put break; case "POST": // something for post break; }

andreialecu commented 6 years ago

AfterCommit runs after the database has been updated and after a response has been returned.

It's main purpose is to run code after ensuring that data has been stored. Use it to emit to clients that things have been updated, or to run other code that does additional work in a separate section of the app, and which possibly depends on doing queries on the newly updated collection, and expects the data to be there.

Assuming data has been commited prior to AfterCommit is a strongly discouraged. We should change the other places in the documentation that recommend running emit in On POST/PUT