Allow soft delete (that rely on Delete rather than Update permissions) #225
Comments
|
Commenting although you are still editing the post. I wold recommend solving the TTL on a database level based on your TTL field. For MongoDB, check out https://docs.mongodb.com/manual/core/index-ttl/ |
|
The problem is that postgres (the db i am using) is not implementing any kind of ttl. |
|
Assuming a Nullable timestamp field in the DB named |
|
Pseudo code for the filter... |
|
This is exactly the solution I am working on. The only problem is that I cannot meet the requirement of forbidding the direct edit of 'DeleteAt' (as I want it can be only modified through the 'ttl' field). Maybe makes sense to create another attribute on which is "Computed". Computed fields are those that cannot be edited directly but they are computed on INSERT/UPDATE/REPLACE time. Opinions? |
|
Is it really necessary to this to go through |
|
I am not sure which is the best way to approach that, but I think that having Computed fields may be very powerful in some cases. |
|
Well, depending on what data they use to compute, I guess doing the computation in a hook is a way to go. I would prefer |
|
I am using Hooks right now to implement what I want, and it works. But I want that nobody is able to edit the field directly through the REST interface :( |
|
Well, there are |
|
Doesn't setting the field |
|
It doesn't work. It returns an error message because the field is ReadOnly and with the Hook I need to change it. My hook is quite simple; |
|
You are right 🤦♂️ My mistake. There are some work-around for setting read-only fields but it's not available to the hook. It's used e.g. when setting fields from the path:
It wold be nice if there was an easier way to bypass Read-Only fields; we certainly have a use-case for it, e.g. when we are using RPC to update resources directly. But I don't have a good idea for how it cold be designed. |
|
Longer term, I plan to have a look at this here: https://github.com/searis/schema. However I cannot commit to any particular timeline for this now. Probably nice to come up with a solution that works for the current schema package. |
|
Possible work-around for now: If you always set the field in your hook on insert/update (or remove it from the payload if present when The only thing you won't get from this is the validation error when users are trying to set it. It's not ideal, but perhaps it's workable. Possible fix in the schema package: Here is one possible thought. We add a wrapper type that can be embedded in the payload programatically to skip validation. package schema
type SkipValidation struct{
Value interface{}
}When a Field validation method encounters a So in this case: func (dh DeprecateHandler) OnInsert(ctx context.Context, items []*resource.Item) error {
for _, i := range items {
if i.Payload["ttl"].(int) > 0 {
i.Payload["deleteAt"] = schema.SkipValidation{
Value: time.Now().Local().Add(time.Hour * time.Duration(i.Payload["ttl"].(int))),
}
}
}
return nil
}Perhaps could even |
smyrman
changed the title
I am going to explain my use case to see if you can help me find the best way to implement it using rest layer.
There are certain type of objects that I need to deprecate based on a TTL (time to live), so I created a field named 'ttl' on the schema with that configuration:
Having 0 as 'ttl' means that the object is never deprecated. On the case it's not 0, the deprecation time must be updated + ttl.
Now I need to be able to sort and filter based on that deprecation time, but there isn't a specific field with that data, so i need to create it. The characteristics I need for that field are:
I cannot use OnInit or OnUpdate to set the value, because on the init and update function I don't have access to the value of the 'ttl' field, so I tried to use Hooks for OnInsert and OnUpdate; It works when creating the object, but not when updating it (because it's read only).
The text was updated successfully, but these errors were encountered: