Fork me on GitHub

@currentoor: you might want to look at om next.


@currentoor: Any Datomic Peer (or anything with unrestricted access to a Peer, like the ReST interface) can do anything to the database. If you are offering a service to untrusted clients, you'll want to provide a service interface that limits what they can do. For example, you could write your own parser for a restricted subset of Datomic's datalog that you know is safe. You have to decide what to allow: For example, parentheses could be either rule invocation or method invocation.


in case anyone else finds this useful...I created a db function to compose an existing parent identifier with another association in an entity transaction:


@nxqd, @stuartsierra thanks for the advice