-
-
Notifications
You must be signed in to change notification settings - Fork 277
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
sql & sequelize support #8
Comments
Integration with database should be quite easy because the only thing you need to do is to convert CASL rules into database query. So, when you define permissions for an entity based on its own fields, all should be good. Lets consider an example: can('update', 'Post', { 'author.email': { $regex: "admin" } }) In order to retrieve all posts which such user can update we need to create query like this: SELECT *
FROM posts as p
INNER JOIN users as u ON u.id = p.author_id
WHERE u.email LIKE "%admin%" And now your |
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
I don’t plan to create a core package for sequelize as it looks like that project is dying slowly. Instead I plan to add support for objection.js or/and mikroORM |
Probably I used to loud word “dying”). This is just my opinion after working with sequelize for half a year this is the list of what I don’t like in sequelize:
So, for standard use cases it works good, as well as mentioned libraries. But on the other hand objection and mikro-orm allows to work with non standard use cases easier (because both have query builder and more solid codebase) |
Some time ago I commented in sequelize repo on replacement of string based operators with symbol based It’s ridiculous, I said that Symbols don't fix the problem, they agreed and closed the issue. |
No progress for now. But have some thoughts:
|
So, to start we need a function The result of this Afterwards we can even implement something similar for sequelize but in this case the result of the function will be an object, which we can pass to @ujwal-setlur if you want to try to do this, your help is very welcome! |
@stalniy I will try to get to this in the next week or two! |
I want to help too. I intend to use it with objection.js. @stalniy do you plan to have |
As a separate package. @casl/knex |
I’ll create a folder for it and prepare the infrastructure code update: it would be awesome if We could create this together :) |
Sure, let me know when you want to chat. |
@otaviosoares sent you an email with instructions and created infra code for casl-knex in feat/knex branch |
Waiting for the feedback from @crcn in crcn/sift.js#202 |
It’s not battle tested yet. Don’t have enough time to do this. That’s why there is no docs |
For those of us using Objection.js, please see https://github.com/janeJeon/objection-authorize, I’ve been using and building it for the past few years, and it’s battle tested, and it supports full isomorphism! |
Guys, I proud to say CASL is now officially supports Prisma. So, anyone who uses prisma as ORM can try to use |
Hey, thanks for all the hard work on this project. I am very interested in the MicroORM integration, and think your idea to handle it via a custom repository makes a lot of sense. Have you began development on it yet? Is there anything I can do to assist? |
Hi @natepelzel Use @ucast/sql@alpha version to test integration with mikro-orm. there is a subpackage @ucast/sql/mikro-orm which exposes this functionality. There are some edge cases in objection.js integration which might be the same for mikro-orm, check this issues: |
is there any update regarding Objection support? |
This comment has been minimized.
This comment has been minimized.
@JaneJeon this is not true. I’ve never said that. Despite the fact there is no update on the work it doesn’t mean that you can use this thread to promote your library. Please, let’s keep this issue focused on the actual title. update: one more comment like that and you will be blocked |
Its good to see if there is official library support typeorm as typeorm itself and nestjs are getting quite popular. |
Is there any docs about objection integration? |
is there any plan to support sequelize as well on top of prisma ? or would you recommend using prisma only with casl while keeping all rest of code with sequelize ? could this actually work this way (mixed approach)? |
This did not age well, haha! |
and do you know if it is possible to use prisma and sequelize in the same project? basically using prisma only for the policy classes and stuff required by casl while keeping sequelize for all the rest ? |
Hi, I'm trying to implement casl in my node express project with sequelize (using postgres as db), but it's difficult for me to add the conditions part so that the user can only process their records and other cases, has anyone been able to implement it? or what is the best guide to apply the conditions in the casl rules |
Did anyone implement CASL with drizzle + postgres? Would appreciate if someone can provide any example or guide. |
CASL v6 docs are not clear on how to use this with say TypeORM, I get that there is no official integration. But from the docs it looks like you can make it work at least for some basic queries. Would like to get any pointers. I am using TypeORM & MySQL. Would consider migrating to Prisma but there are some issues with Prisma, like it doesn't provide specialized support for tree entities like TypeORM. |
Any updates for that? I'd love to use it with TypeORM, It's the only blocking issue for me. |
maybe knex support ? |
Look at @ucast/sql latest alpha version. This is where I stopped and currently I don’t have time to work on new features in open source |
Thanks for the work you have done so far, these stuff takes a lot of precious time and I understand that well as I have other open source projects myself, and I wish you the best of luck It would be great if you could do one more small favor and give me an overview of steps i need to take to make it work with create ability, as it seems ambiguous to me how i can make something like createMongoAbility out of it |
@jd1378 this can be a good starting point: https://gist.github.com/ygrishajev/9ef01444fdb5c386c43b6611400c0fc6 |
thanks a lot @ygrishajev for the gist |
oh, right, confused with possibility of usage with knex |
I guess I misunderstood the sorry for bothering you all with this notification, just wanted to save someone else's time if they happen to wonder about the same thing coming across this :) |
I created a simple CASL to Drizzle converter. It’s a work in progress and currently missing some features, such as array operators, which I plan to add as soon as possible. Feedback is highly welcome! |
I am a bit puzzled by the following:
Maybe you could also explain which features then would still be missing compared to the mongodb & mongoose solution.
The text was updated successfully, but these errors were encountered: