NOT READY YET
This package is meant as a turn key back office interface to a PostgREST instance with optional configuration, inspired by Rails' ActiveAdmin.
PostgREST is a web server that sits in front of a Postgres database providing a simple but powerful RESTful API.
It delegates a lot of the functionality to the database, performing authentication using roles and exposing only certain tables to the REST API using schemas.
A Postgrest database can have many different schemas (not to be confused with
the database schema).
A schema can be thought of a namespace that contains
tables, types and functions, a db connection can specifiy a
search path
which indicates which schemas, and with what precendence, to use to find the db
tables.
To understand better how does PostgREST restricts the API table exposure check
schema isolation,
switching schemas
and configuration.
PostgREST depends on JSON Web Tokens for authentication, which can be obtained from an external provider with a shared secret, or by defining a couple of PL/pgSQL procudeures it can provide a login RPC and generate it's own tokens.
Fine grained permissions can be given by granting different privileges to roles on a schema, table and row level.
To learn more about PostgREST role based auth check Role System.
PostgREST also generates an
OpenAPI description
of the api, which contains information about all of the endpoints (tables,
foreign tables, views, functions), it can be used to generate swagger.
PostgRestAdmin uses this description to infer the admin interface to the API
resources.
The most basic way use is just to define your main function as a PostgRestAdmin.Program, the admin interface is built from PostgREST Open API description.
module Main exposing (main)
import PostgRestAdmin
main : PostgRestAdmin.Program
main =
PostgRestAdmin.configure
|> PostgRestAdmin.withHost "https://postgrest.example.com"
|> PostgRestAdmin.buildProgram
Then flags can be passed on Elm.init
Elm.Main.init({
flags: {
host: "https://postgrest.example.com",
jwt: sessionStorage.getItem("jwt")
}
})
jwt flag accepts a token to authenticate the requests.
Configuration params are passed to the PostgRestAdmin program using a pipeline in the example below.
-
withHost sets the PostgREST instance host
-
withLoginUrl specifies the URL to POST credentials, which can be a PostgREST function or an external service if CORS is configured correctly
-
onLogin is a callback triggered with a JWT string on successful login
port module Main exposing (main)
import PostgRestAdmin
port loginSuccess : String -> Cmd msg
main : PostgRestAdmin.Program main = PostgRestAdmin.configure |> PostgRestAdmin.withHost "https://postgrest.example.com" |> PostgRestAdmin.withLoginUrl "https://postgrest.example.com/rpc/login" |> PostgRestAdmin.onLogin loginSuccess |> PostgRestAdmin.buildProgram
In addition to configuring the login POST url with loginUrl,
the token is persisted to keep the user logged in across page reloads by using
flags and ports.
app = Elm.Main.init({
flags: {
jwt: sessionStorage.getItem("jwt")
}
})
app.ports.loginSuccess.subscribe(jwt => {
sessionStorage.setItem("jwt", jwt)
});
Most of the previous configuration options can be overridden using flags, thus the same build can be used in different environments. See the PostgRestAdmin module documentation for all available configuration options.
You can override some listing, the detail for a resource, a form or add additional behaviour by mounting your own application in as many routes as you want.