Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add documentation for BeforeRequest #62

Open
andreialecu opened this issue Aug 5, 2015 · 4 comments
Open

Add documentation for BeforeRequest #62

andreialecu opened this issue Aug 5, 2015 · 4 comments

Comments

@andreialecu
Copy link

deployd/deployd#596
@moorthi07
Copy link
Member

moorthi07 commented Nov 6, 2017
edited
Loading

We don't have documentation for both BeforeRequest and On AfterCommit.

  1. There is no dedicated page that explains "Collection Events" only. Or this topic "Adding Custom Business Logic with Events" - Looks like a guide than, listing the features.

We could also add a 'Security in Deployd' section and point to all the documents that are related to. As this is a standard terminology, will make it easier for quick reference.

Here is the documentation for BeforeRequest and AfterCommit. Pl. suggest your corrections and will add it to a new Help page ""Collection Events".

ON BEFOREREQUEST
Called for each Http method call of a Collections Endpoint, like GET, PUT, POST, DELETE. This event can be used as a general security check point for that collection only like below.


if ((!me || me.id !== this.userId) && !internal){
     cancel("Unauthorized", 401);
}

Note: This above code applies for all four events. If your API doesn't need login for post or get , etc. You have to add this in each event.

You can also find open source modules in "modules link" for 'Security' modules to include in your project.

ON AFTERCOMMIT

Called after a POST / PUT / DELETE event is executed. You can use event for example, changing return values or sending out emails etc.

@andreialecu
Copy link
Author

It's important to add that 'BeforeRequest' exposes a variable to scripts named event which can be GET, PUT, POST or DELETE. Also see deployd/deployd#596 (comment)

And AfterCommit has a similar method variable which can be POST or PUT.

@moorthi07
Copy link
Member

That is beautiful . Awesome.
So, we will add this below example to the doc. (including for aftercommit). Do you have any example code that modify the return value On AfterCommit?

I think we should directly start editing in the Documents repo.

if (!me) cancel("Not authorized", 401); // don't allow anyone in that is not authorized

switch (event) {
case "GET":
if (!ctx.query.$limit || ctx.query.$limit > 20) ctx.query.$limit = 20; // max 20 results
break;
case "PUT":
// something for put
break;
case "POST":
// something for post
break;
}

@andreialecu
Copy link
Author

AfterCommit runs after the database has been updated and after a response has been returned.

It's main purpose is to run code after ensuring that data has been stored. Use it to emit to clients that things have been updated, or to run other code that does additional work in a separate section of the app, and which possibly depends on doing queries on the newly updated collection, and expects the data to be there.

Assuming data has been commited prior to AfterCommit is a strongly discouraged. We should change the other places in the documentation that recommend running emit in On POST/PUT

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@andreialecu @moorthi07