Creating Rules - Part 1
As discussed in the last section, we're going to place the following restrictions on the predicates in the wallet collection:
wallet/name- only the owner of the wallet can editwallet/balance- anyone can editwallet/user- no one can edit.
The first thing that we need to do is create a smart function that checks if the user making the update (?auth_id) is the owner of the wallet.
We'll need to use the following built-in function:
(query "query string here"): issues any query you like. Here we'll be issuing the query:
{
"select": [
{
"wallet/user": [
{
"_user/auth": ["_id"]
}
]
}
],
"from": "(?sid)"
}
When you stringify this query, it is: (str \"{\\\"select\\\": [{\\\"wallet/user\\\": [{\\\"_user/auth\\\": [\\\"_id\\\"]}]}], \\\"from\\\": \" (?sid) \" }\").
(get-all X Y): Gets all of a certain predicate (or predicate-path),Yfrom an subject,X, returns a set or nil. For example, assuming(?s)is a person we are updating.(get-all QUERY-RES-HERE [\"person/chat\" \"_id\"])gets the_ids for allchatsrecords referenced inperson/chatfrom the result of the query.(contains? X Y): Checks whether an object or hash-set,Xcontains a specific key (for objects) or value (for hash-sets),Y.(?auth_id): The auth id issuing this request.
To create a smart function, and attach that smart function to a rule for wallet/name, our transaction would look as follows:
[
{
"_id": "_fn$ownWallet",
"name": "ownWallet?",
"code": "SMART FUNCTION CODE HERE"
},
{
"_id": "_rule$editOwnWalletName",
"id": "editOwnWalletName",
"doc": "A cryptoUser can only edit their own wallet/name",
"fns": ["_fn$ownWallet"],
"ops": ["transact"],
"collection": "wallet",
"predicates": ["wallet/name"]
}
]
Write a Smart Function!
Using the smart functions listed above, can you figure out how to create a smart function that checks whether the wallet being updated is owned by the user trying to update it?