Create "queriers" and promote "mutators" as the preferred way to get data server-side instead of the connector #127
Labels
apollo
difficult / careful thinking
enhancement
New feature or request
help wanted
Extra attention is needed
Is your feature request related to a problem? Please describe.
The connector is meant for database communication, as an ORM.
But it cannot include Vulcan security checks.
Describe the solution you'd like
user
API route: it doesn't respect permissions because its bypassing permission filtering. Mutators/queriers are the default way to get standard data, connector should only be used for custom mutations/resolverscreateMutator({ model: Users,...})
becomesUsers.create = (params) => createMutator({model: Users, ...params})
. Same goes for hooks by the way (useMulti<UserType>({model: "Users"})
=>useMultiUsers(...)
.Describe alternatives you've considered
Putting callbacks within the connector, at the db level. But that will never be sufficient, as the connector is always specific to the underlying technology.
Mutators are the right place to do "generic" checks, like checking Vulcan permissions.
Connector should only be used when creating a custom mutation/resolver, that do not fit the basic crud operations.
For instance, see account management feature: we use the UserConnector, and StorableTokenConnector => we should use "queriers" and "mutators" instead so that callbacks are correctly applied.
The text was updated successfully, but these errors were encountered: