Direcstore

Data Security

Data filter and authorization check

Overview

Data security rules can be implemented on the fly as JavaScript code that filters data and checks the user's authorization in addition to the data query.

The security rules can be updated directly in the data model object or via the administration UIs.

Data security check

Data filter

A predefined tagged template supports building additional conditions for the SQL query. For example, in the select data rule, we add a filter as follows:

    const checkEmail = 'abc@localhost';
    filter`email = ${checkEmail}`

      

The Direcstore engine parses the tagged template string and adds it to the select query as part of the "where" condition.
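The page does not show how the engine treats the interpolated values. The following added example (not Direcstore's own code) uses a hypothetical `filter` tag implementation and a hypothetical `applyFilter` helper to show how a tagged template receives literal text and values separately, so values can be bound as query parameters instead of being concatenated into the SQL text. The `?` placeholder style and the `users` table are assumptions.

```javascript
// Added example: hypothetical tag function, not Direcstore's implementation.
// A tag receives the literal chunks and the interpolated values separately,
// so values can be bound as parameters rather than spliced into the SQL text.
function filter(strings, ...values) {
  let text = strings[0];
  const params = [];
  values.forEach((value, i) => {
    if (value === undefined) {
      // Fail closed: a missing value must not silently widen the filter.
      throw new TypeError(`filter value #${i + 1} is undefined`);
    }
    if (Array.isArray(value)) {
      // Expand arrays for IN (...) lists: one placeholder per element.
      if (value.length === 0) throw new RangeError('empty list in filter');
      text += value.map(() => '?').join(', ');
      params.push(...value);
    } else {
      text += '?';
      params.push(value);
    }
    text += strings[i + 1];
  });
  return { text: text.trim(), params };
}

// Hypothetical helper: append the rule's condition to a base query
// (assumed to have no WHERE clause yet).
function applyFilter(baseSql, condition) {
  return {
    text: `${baseSql} WHERE (${condition.text})`,
    params: condition.params,
  };
}

// Constructed input: a value that would change the query if concatenated.
const checkEmail = "abc@localhost' OR '1'='1";
const query = applyFilter('SELECT * FROM users', filter`email = ${checkEmail}`);

console.log(query.text);
console.log(query.params);
```

Because the value travels in `params`, the quote characters in the constructed input never reach the SQL text.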

Authorization check

The default user authentication model has a role-based implementation that can be used for checks during data querying. For example, the following rule allows only the admin role to execute the query:

    let {user, ext} = auth;
    if(user){
        if(user.roles.includes('admin')) {
            // authenticated user with the admin role: allow
            true
        } else {
            // authenticated user without the admin role: deny
            false
        }
    } else {
        // no authenticated user: deny
        false
    }

      

User roles can be maintained in the Admin UIs.

User account