search

zenstackhq / zenstack

Fullstack TypeScript toolkit that enhances Prisma ORM with flexible Authorization layer for RBAC/ABAC/PBAC/ReBAC, offering auto-generated type-safe APIs and frontend hooks.
https://zenstack.dev
MIT License
2.07k stars 88 forks source link

[Feature request] Make zenstack_guard optional #415

Closed JYachelini closed 1 year ago

JYachelini commented 1 year ago

Problem Hi, I am using zenstack for an API. I accessed zenstack only to modularize prisma schemas and to be able to extend schemas, they seemed to me very good features that prisma should include, but it doesn't do it.

The problem I have is that it always generates the zenstack_guard column when I don't need it, since I'm not going to use auth() because I do it from my API controller.

To solve this problem I had to use the "sed" command and when the zenstack generate command is executed, the sed command deletes the zenstack_guard lines. Example: 'npx zenstack generate && sed -i '' 's/zenstack_guard Boolean @default(true)//g' prisma/schema.prisma && npx prisma generate.

Posible solution (feature) The simplest solution is to add in the zenstack.config.json something like "guardField": Boolean (default true)

zenstack.config.json

{
  "guardField": false
}

I hope I have explained it well.

Aditional It would be nice to add the option to choose the output of zenstack generate in zenstack.config.json, if it already exists I did not find it.

zenstack.config.json

{
  "output": "./src/database/prisma" (path)
}
ymc9 commented 1 year ago

Thanks for bringing this up @JYachelini . I think there should be a good chance that we can suppress the generation of the zenstack_guard field when access policies are not used. Just to confirm, you not using any @@allow and @@deny attributes, right?

As to the output location of schema.prisma, it can be configured by the @core/prisma plugin as shown here: https://zenstack.dev/docs/reference/plugins/prisma

JYachelini commented 1 year ago

Thanks for the explanation of @core/prisma @ymc9

I'm not using any @@allow and @@deny. I don't need it, so the zenstack_guard is not necessary.

ymc9 commented 1 year ago

Got it. Thanks for the confirmation! Let me look into that.

Just out of curiosity: what is the main extension that ZenStack made to Prisma that you're using now?

JYachelini commented 1 year ago

I use ZenStack because I can modularize the schemas and also extend from the Base model. Also saw some options in the documentation that I liked but have not implemented yet. I don't know if you are referring to an extension to this I told you about

abstract model Base {
    id Int @id @default(autoincrement())
    createdAt DateTime @default(now())
    updatedAt DateTime @default(now()) @updatedAt
    deletedAt DateTime?
}
Captura de pantalla 2023-05-17 a la(s) 17 35 28
ymc9 commented 1 year ago

Yes, that's what I meant by extensions haha. Thanks for letting me know!

ymc9 commented 1 year ago

Fixed by #436

Hey @JYachelini , with the new alpha.119 release, the auxiliary fields won't be generated for models without access policies.

JYachelini commented 1 year ago

Nice! @ymc9 Thanks!!