docs: add defined schema docs #863
Conversation
|
@sadortun if you want to take a look, feel to suggest some commit changes from github UI 🙂 |
| - `delete`: Delete permission | ||
| - `protectedFields`: Control get permission at field level | ||
|
|
||
| You can set each CLP field with options to add a first strong security layer. This security layer will be applied on the Parse Class and all Parse Objects into this class. |
There was a problem hiding this comment.
"into this class"? Do you mean sub classes?
|
|
||
| ## CLP Protected Fields Key | ||
|
|
||
| This CLP key is powerful and need some additional explanation. |
There was a problem hiding this comment.
I think this line can be removed, it doesn't seem to provide any relevant info. Maybe instead a sentence about what this is (used for).
| } | ||
| ``` | ||
|
|
||
| Listed keys under `*` will be protected from all users. Don't worry by default, `authData`, `emailVerified`, `password` are protected. |
| ``` | ||
|
|
||
| Listed keys under `*` will be protected from all users. Don't worry by default, `authData`, `emailVerified`, `password` are protected. | ||
| But here for example we protect `username` from all users. So user A, even authenticated will not be able to get the `username` of a user B. |
There was a problem hiding this comment.
Where is "here"? There is an example before and one after.
| ``` | ||
|
|
||
| Listed keys under `*` will be protected from all users. Don't worry by default, `authData`, `emailVerified`, `password` are protected. | ||
| But here for example we protect `username` from all users. So user A, even authenticated will not be able to get the `username` of a user B. |
There was a problem hiding this comment.
The references "user A", "user B" seem to not be used anywhere else? If so, just simplify this to something like "a user cannot ... of other users".
_includes/defined-schema/options.md
Outdated
|
|
||
| ## strict | ||
|
|
||
| You can set the `strict` option to `true` if you want parse-server to delete removed classes from your schemas from your database. Data stored in removed classes will be lost. |
There was a problem hiding this comment.
"Parse Server"
Could you rephrase "from your schemas from your database", may be confusing
_includes/defined-schema/options.md
Outdated
|
|
||
| You can set the `strict` option to `true` if you want parse-server to delete removed classes from your schemas from your database. Data stored in removed classes will be lost. | ||
|
|
||
| `strict` is default to `false`. If you often change your schemas be aware that you can have some stale classes in your database. You will need to delete these classes manually. |
There was a problem hiding this comment.
"By default strict is false.
"You can have stale..." sounds like it's permissible. I think you want to say that the stale classes are unwanted and may remain?
_includes/defined-schema/options.md
Outdated
|
|
||
| ## deleteExtraFields | ||
|
|
||
| You can set the `deleteExtraFields` option to `true` if you parse-server to delete removed a class field from your database. Data stored in the removed field will be lost. |
There was a problem hiding this comment.
"if you want Parse Server to..."
"Delete remove" - a typo?
_includes/defined-schema/options.md
Outdated
|
|
||
| You can set the `deleteExtraFields` option to `true` if you parse-server to delete removed a class field from your database. Data stored in the removed field will be lost. | ||
|
|
||
| `deleteExtraFields` is default to `false`. Be aware that some stale fields could exists in your database. You will need to delete these fields manually. |
|
|
||
| ## beforeMigration | ||
|
|
||
| A function called before parse-server performs schema updates based on the `definitions` option |
There was a problem hiding this comment.
Always use "Parse Server" when you refer to the product, don't use "parse-server" unless you are referring to the repository.
|
|
||
| Note: If you update CLP you do not need to update Parse Objects. CLP is a security layer at Class Level not Object Level. For Object Level permission you can take a look to ALCs. You can use CLPs combined to ACLs to deeply secure your Parse Server. | ||
|
|
||
| ## CLP Key Options |
There was a problem hiding this comment.
I would suggest replacing globally key with either parameter or attribute depending on the context.
Currently parameter seems to be more generalized as config keys
| // and then create the field with the new type | ||
| recreateModifiedFields: true, | ||
| // If true, Parse will delete non defined fields on a class. (Core fields are never deleted) | ||
| deleteExtraFields: true, |
There was a problem hiding this comment.
Theses 2 parameters should be false by default in the example to avoir a user copy-pasting the example config have it's data deleted unintentionally.
_includes/defined-schema/options.md
Outdated
|
|
||
| You can set the `recreateModifiedFields` option to `true` if you want Parse Server to clean field data before Parse Server update the field type when you change the type of a field (ie: from `String` to `Number`). Data stored on the modified field will be lost. | ||
|
|
||
| `recreateModifiedFields` is default to `false`. Be aware that if you do not perform some data migration, you can result with data type inconsistency on modified field. |
There was a problem hiding this comment.
Maybe adding some Bold for ?
Be aware that if you do not perform some data migration
There was a problem hiding this comment.
General feedback: the texts are quite verbose. Try to condense essential information into few words. Try to use as few lines as possible, instead of many lines with only a few words per line, that makes it easier to read and uses less space. For example:
// Here your Parse Server is ready
// with schemas up to date
// Just a code example if you want to expose
// an endpoint when parse is fully initialized
can be condensed into
// Parse Server is ready with up-to-date schema
| - `role:MyRole`: If you have already created a Parse Role, you can use your created Parse Role (ie: `MyRole`) in CLP keys. | ||
| - `requiresAuthentication`: If true an authenticated user will have the permission. | ||
| - `*`: Everybody has the permission | ||
| - `{}`: if you set the CLP key with `{}` like `create: {}` only calls with your Parse Server Master Key will have the permission |
There was a problem hiding this comment.
"`role:<roleName>`: If you are making use of Parse Roles you can set the permission based on a role."
...
"If you set the CLP key to `{}`" ... "calls with the Parse Server master key will"
| Available options for CLP parameters: | ||
|
|
||
| - `role:MyRole`: If you have already created a Parse Role, you can use your created Parse Role (ie: `MyRole`) in CLP keys. | ||
| - `requiresAuthentication`: If true an authenticated user will have the permission. |
There was a problem hiding this comment.
"If set to `true`, only authenticated users"
| Available options for CLP parameters: | ||
|
|
||
| - `role:MyRole`: If you have already created a Parse Role, you can use your created Parse Role (ie: `MyRole`) in CLP keys. | ||
| - `requiresAuthentication`: If true an authenticated user will have the permission. |
There was a problem hiding this comment.
"If set to `true`, only authenticated users"
|
|
||
| This CLP parameter allows you to restrict access to fields to specific Parse users. | ||
|
|
||
| We will take the Parse User Class as example. |
|
|
||
| This CLP parameter allows you to restrict access to fields to specific Parse users. | ||
|
|
||
| We will take the Parse User Class as example. |
|
|
||
| `recreateModifiedFields` is default to `false`. **Be aware that if you do not perform some data migration, you can result with data type inconsistency on modified field.** | ||
|
|
||
| On production a good practice could be to create a new field with your new type, and then create a Parse Cloud Job to migrate old field data to the new created field. |
There was a problem hiding this comment.
"Good practice would be to create a new field with a new type" ... "to the newly created field."
|
|
||
| ## lockSchemas | ||
|
|
||
| You can set the `lockSchemas` option to `true` if you want to to prevent any `Parse.Schema` manipulation outside of the Defined Schema feature. If this options is `true` any create/update/delete request to `Parse.Schema` will be denied. You will not be able to manipulate `indexes`, `classLevelPermissions`, `fields`. |
There was a problem hiding this comment.
"if you want to prevent any schema manipulation and to lock the schema as defined in the Parse Server configuration." ... "any create, update and delete request will be denied by the Parse Server API, even with the master key."
You can delete the following sentence "This option help to keep " as it does not provide any additional information.
|
|
||
| ## lockSchemas | ||
|
|
||
| You can set the `lockSchemas` option to `true` if you want to to prevent any `Parse.Schema` manipulation outside of the Defined Schema feature. If this options is `true` any create/update/delete request to `Parse.Schema` will be denied. You will not be able to manipulate `indexes`, `classLevelPermissions`, `fields`. |
There was a problem hiding this comment.
"if you want to prevent any schema manipulation and to lock the schema as defined in the Parse Server configuration."
|
|
||
| ## beforeMigration | ||
|
|
||
| A function called before parse-server performs schema updates based on the `definitions` option |
|
|
||
| ## beforeMigration | ||
|
|
||
| A function called before parse-server performs schema updates based on the `definitions` option |
|
Maybe not the best place to ask but as there is no official documentation available yet:
|
|
Thanks for the feedback to the docs, maybe @Moumouls can add this to the PR? |
|
thanks, @stephannielsen for your feedback I'll quickly answer to your question. Parse is not currently able to type the content of If you use the GraphQL API. You can use the "inline fragment" graphql feature to automatically get data from the pointer array. for example |
|
Hey, just had a quick question, since the documentation isn't updated yet. Can we have unique indexes according to the recent merge? Thanks. |
|
If anyone wants to pick up and finish this PR (see the review comments, just grammar and style corrections), please feel free to do so, so we can merge this chapter about defined schema into the docs. You will probably have to open a new PR, then we can close this one. I have added a description to this PR and created issue #872 to track this. |
|
@mtrezza any chance to update your comments using the commit suggestion feature ? then I'll be happy to apply all your suggestions 🚀 |
|
closing in favor of #912 |
Add defined schema docs.
See #872