Fork me on GitHub
#datomic
<
2016-10-03
>
robert-stuttaford12:10:40

@jaret @marshall one of the things that worries me is how easily someone can delete a database in Datomic. what protections do we have, other than code review and preventing the use of remote repls entirely?

danielstockton12:10:12

It's pretty easy to drop most databases (postgres, mysql...) if you have root access. Are backups not enough protection against that?

robert-stuttaford12:10:02

we have hourly backups. but, prevention is better than cure. also, other dbs allow you differing levels of access - ie, no DELETE commands, whereas due to Datomic’s design, the peer has full privileges

robert-stuttaford12:10:22

i don’t want to have to deal with any data loss at all, and this is one of the gaps i’m aware of

robert-stuttaford12:10:01

we love our remote repls — they afford us a lot of power. but that datomic.api/delete-database is so near to hand 😱

robert-stuttaford13:10:07

we already only allow our transactor DDB writes, but if the txor does the delete (which i’m pretty sure it does), that doesn’t help us

robert-stuttaford13:10:57

so i’m wondering what we can do if it is deleted to restore it (i know it sticks around in storage for a while), or what we can do to prevent deletion

jaret17:10:04

@robert-stuttaford at present there is no configurable option on these api calls. Your approach of preventing remote REPLs and reviewing code is the current recommendation. We’ll register the request for more configurable control over the api.

robert-stuttaford18:10:23

thanks, @jaret. i think it’s definitely worth adding some protection, but i have no idea how best to actually do that.

vipaca19:10:17

Are there any recommendations for pagination or limit with offset for datomic?

potetm19:10:08

@vipaca AFAIK datomic doesn't have any inherent notion of order. You can add an :item/index attribute and query using limit+offset.

potetm19:10:12

Yeah. That's what came to my mind as well.

vipaca19:10:58

thanks potetm

timgilbert19:10:32

Hey, this kind of feels like a newbie question, but I have a company with a list of members, and I’m using the pull syntax to get them out like this:

(d/pull db '[:company/members] [:company/slug slug])
=> #:company{:members
          [#:db{:id 285873023222825}
           #:db{:id 285873023222826}
           #:db{:id 285873023222827}]}

timgilbert19:10:17

..is there a way to tell the pull API that I just want the list of members so I don’t have to (-> (d/pull …) :company/members)?

timgilbert19:10:47

I know (d/query) has some options for that in the pattern syntax

marshall19:10:04

Are you using clojure 1.9 ?

marshall19:10:17

I think that's the cause here

marshall19:10:23

Try it with 1.8

timgilbert19:10:43

No, the namespace syntax is fine, what I want to do is control the nesting

marshall19:10:54

Oh, sorry. Misunderstood

timgilbert19:10:46

No prob… I mean like with query I can say (d/query [attribute …]) vs (d/query attribute) to control the shape of the data coming back

timgilbert19:10:05

Just wondering if there’s an analogous control for the pull API

marshall19:10:02

I don't believe so. The idea is you get the nested hierarchy of the data structure as specified in the pull patter

marshall19:10:19

And since this is a multi cardinality attribute, you'll get the map of attribute name to set of values

timgilbert19:10:40

Hmm, yeah, I guess since I’m giving it an EID to start with that makes some sense.

timgilbert19:10:50

Ok, cool. Thanks!