Add configurable preCommit and preRead hook at the partition level

Question

Add configurable preCommit and preRead hook at the partition level

Opened this issue 4 years ago · 1 comments

See #25 - this would allow e.g. a custom security layer to be injected based on the partition metadata (and maybe document header?). The partition metadata should then contain access control information for the given partition/stream, so that needs to be specified at stream creation time. This only works with the default partitioning scheme on streams and not with arbitrary partitionings.

Note though that this requires giving an additional context argument to all read/write API unless it should depend on global state.

Answer 1 · 2021-02-09T10:57:47.000Z

const globalContext = { authorizedRoles: ['user', 'everyone'] };

storage.preCommit((document, partitionMetadata) => {
     if (!partitionMetadata.allowedRoles.some(role => globalContext.authorizedRoles.includes(role))) {
         throw new Error('You are not allowed to commit to this partition with roles ' + JSON.stringify(globalContext.authorizedRoles));
     }
});

To make this more useable, partition metadata should be definable per partition, rather than per storage as is the case right now. This could be achieved by making the config.metadata a function that receives the partition name and returns a metadata object.

The hook methods could be placed in WritableStorage.write() right after const partition = this.getPartition(partitionName); and in ReadableStorage.readFrom() again right after const partition = this.getPartition(partitionId);.