Thoughts

Solutions

HATEOAS HAL Support

Route and Document Level Access Control

Built-in document workflow status support

OpenApi and TypeScript documentation

Documentation ( mockup code examples for now )

Controllers

Example


import { Resource, Get } from "routesjs";
import { db } from "app/db";

@Resource("/events", { resource: "event" })
export class EventsController {

  @Get({ permission: "events:list", output: "event" })
  async get(req){
    const events = await db.query<Event>("events")
      .whereRaw(req.permission.documentFilter.toSQL());

    return events;
  }
}

@Route("/events/:id", { resource: "event", parent: "events" })
export class EventController {

  @Get({ output: "event", permission: "event:view" })
  async get(req){

  }
  
  @Workflow(eventsWorkflow)
  async updatePublicationStatus(req, workflowAction){

    const doc = await db<Event>({ id: req.params.id }).first();
    
    const newStatus = workflowAction(doc);
    
    await db<Event>({ id: req.params.id }).update({ publicationStatus: newStatus });
  }

  @Action("custom", {})
  async customAction(req){

  }

}

Config

Permissions

Example

{
  "event:list": [ "admin", { role: "public", documentFilter: { status: "public" } }],
  "event:view": [ "admin", { role: "public", documentFilter: { status: "public" } }],
  "event:edit": [ "admin" ]
}

Workflow definition

Example

export const eventsWorkflow = {

  workflow: [
    "draft <=reject|submit=> pending <=unpublish|publish=> public"
  ],

  actions: {
    "submit": {
      documentFilter: { date: { $gt: 12 }},
      permissions: ["admin","editor", { role: "blogger", documentFilter: (req) => ({ creator: req.user.id }) } ]
    }
  }
};