Skip to main content

Creating Rules - Part 1

As discussed in the last section, we're going to place the following restrictions on the predicates in the wallet collection:

  • wallet/name - only the owner of the wallet can edit
  • wallet/balance - anyone can edit
  • wallet/user - no one can edit.

The first thing that we need to do is create a smart function that checks if the user making the update (?auth_id) is the owner of the wallet.

We'll need to use the following built-in function:

  • (query "query string here") : issues any query you like. Here we'll be issuing the query:
"select": [
"wallet/user": [
"_user/auth": ["_id"]
"from": "(?sid)"

When you stringify this query, it is: (str \"{\\\"select\\\": [{\\\"wallet/user\\\": [{\\\"_user/auth\\\": [\\\"_id\\\"]}]}], \\\"from\\\": \" (?sid) \" }\").

  • (get-all X Y) : Gets all of a certain predicate (or predicate-path), Y from an subject, X, returns a set or nil. For example, assuming (?s) is a person we are updating. (get-all QUERY-RES-HERE [\"person/chat\" \"_id\"]) gets the _ids for all chats records referenced in person/chat from the result of the query.

  • (contains? X Y) : Checks whether an object or hash-set, X contains a specific key (for objects) or value (for hash-sets), Y.

  • (?auth_id) : The auth id issuing this request.

To create a smart function, and attach that smart function to a rule for wallet/name, our transaction would look as follows:

"_id": "_fn$ownWallet",
"name": "ownWallet?",
"_id": "_rule$editOwnWalletName",
"id": "editOwnWalletName",
"doc": "A cryptoUser can only edit their own wallet/name",
"fns": ["_fn$ownWallet"],
"ops": ["transact"],
"collection": "wallet",
"predicates": ["wallet/name"]

Write a Smart Function!

Using the smart functions listed above, can you figure out how to create a smart function that checks whether the wallet being updated is owned by the user trying to update it?