This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2020-05-05
Channels
- # announcements (7)
- # babashka (20)
- # beginners (130)
- # bristol-clojurians (1)
- # cider (14)
- # clj-kondo (7)
- # cljdoc (14)
- # cljs-dev (15)
- # cljsrn (16)
- # clojars (11)
- # clojure (190)
- # clojure-dev (4)
- # clojure-europe (7)
- # clojure-italy (9)
- # clojure-nl (3)
- # clojure-romania (6)
- # clojure-uk (51)
- # clojurescript (44)
- # component (4)
- # conjure (28)
- # cursive (1)
- # data-science (4)
- # datascript (1)
- # datomic (30)
- # duct (4)
- # emacs (1)
- # figwheel (4)
- # fulcro (56)
- # graalvm (4)
- # helix (51)
- # jackdaw (2)
- # jobs-discuss (12)
- # joker (4)
- # lambdaisland (1)
- # local-first-clojure (1)
- # meander (73)
- # mid-cities-meetup (2)
- # nrepl (4)
- # off-topic (43)
- # pathom (56)
- # re-frame (37)
- # reagent (26)
- # shadow-cljs (161)
- # slack-help (9)
- # spacemacs (1)
- # tools-deps (18)
- # xtdb (18)
What does fulcro inspect’s query tab expect from the server? I’ve set up a development environment where my app can hit a node server at the /api endpoint, but the query tab keeps bugging out and I suspect it’s because my endpoint isn’t set up properly. I’m listening to post requests at /api on the host. It’s all transit encoding and decoding. Where is the query placed into the request - body, params? Is there documentation on what contract a server should uphold when responding with a pathom parser result? This boiler plate is taken care of in fulcro’s clj examples, but I’m struggling to mimic it with a cljs node server.
I can send EQL queries to the server in the body of a post and return pathom parser results. But this is just my own set up. Not sure what type of contract fulcro inspect expects for its queries, but it’s not working with my set up.
I've been having trouble with the chrome extension lately (randomly goes blank and I can't use it) the app version seems to be working for me
my best guess would be to get an implementation that does work with the inspect and work to narrow down the differences, but I know that's probably not very helpful.
I'm struggling to get a working implementation of a button. In the video series Tony uses the comment block to evaluate stuff but I'm trying to get a working button with just static data.
my guess would be maybe give the component an initial state, and have an on click event that passes new state to the component. I'm not sure yet tho. I think I need to look at transact more
Consider using Parinfer or Paredit to manage parens. Way easier with either of those IMO. "Highlight matching paren" and "rainbow parens" are also valuable because they make spotting these issues much easier.
I have them I just don't always know where to put the items I'm working with. I guess it's just something i'll have to get used to. Thanks!
is there a function to generate test / sample data given a defattr ? I would like to generate datomic schema entity given a collection of deafattr, this is helpful for test data.
hi, I just watched some of the videos on fulcro and it looks amazing. I do have some questions about data security and authorization
how is that handled in fulcro? let's say I have an app and I send a JWT token with user info, the user is hydrated with all his permissions and needs to access a graph of data where there are one to many relationships and he does not have access to all of the items in a collection. Another case is when he does not have access some attributes/fields of a piece of date
@eugen.stan The usual approach is to build those authorization rules into your pathom resolvers in the backend. The simplest thing to do is omit any data the response should not have from the resolver's results. You can also add an error message and render an error message in the client. I wrote a blog post describing how to accomplish the omission strategy: https://chrisodonnell.dev/posts/giftlist/api_auth/.
the solution there is to delegate to business layer https://graphql.org/learn/authorization/
At the end of the day, resolvers are how data gets into the response. Whether you choose to build an abstraction layer that the resolvers call to get data or build authorization into the resolvers directly, authorization should be done inside the resolvers in some way.
I saw your solution uses the id an I believe you check for the id to be in the table and allow access based on that. In more complex scenarios that is not enough. I also recommend hydrating the user completely (the authz permissions if any) instead of keeping just the ID - unless this data is cached by pathom in the de-normalized tables
I put together the simplest example I could in the post. If putting more user data into env
suits your purposes, then I encourage you to do that. 🙂
sure, thanks - I think puting that in words might be useful for people who just start with it
I know limit and offset are easy to do most of the time but key set pagination is required in cases where you deal with lots of data
I'm talking about this https://use-the-index-luke.com/no-offset
hmm ... I think I found my answer here, but feel free to share your experience https://github.com/walkable-server/realworld-fulcro/blob/master/src/conduit/ui/pagination.cljs
I have not done keyset pagination with fulcro and pathom. You have the freedom to pass params in the client and pull them out in the server with your queries, so it shouldn't be terribly difficult. There's an example of limit/offset pagination in the fulcro book you could adapt at http://book.fulcrologic.com/#_paginating_large_lists.
Sure thing
Careful with the example you linked; it's written in fulcro 2, not fulcro 3.
@eugen.stan jfyi pathom has ::pc/transform
attribute in resolvers/mutations options map, which can be used for authorization
i typically have a few of global higher-order authorization functions (like user-guard
, admin-guard
etc) which check whether the session user is authorized to view/modify the inputs and return nothing/error in case they are not, and then just add ::pc/transform (comp some-guard another-guard ,,,)
to options map
so these guard functions are essentially middlewares, and it seems like they don’t suffer from the shortcomings mentioned in the GraphQL article (+ they’re composable)
thanks @UDQ2UEPMY, I don't quite get it now but then I just started learning about fulcro and pathom . Do you have a gist / some code that you can share ?
@eugen.stan sure, something like this https://gist.github.com/fjolne/a6e3b852d2da890c043fbe3076e0d122
@eugen.stan it just occurred to me that calling parser
this way is insecure if you use pc/open-ident-reader
, as it’s possible to augment the env from the query via :pathom/context
, like
(parser {} `[{([:fake :ident]
{:pathom/context {::current-admin {:admin/id true}}})
[:some-admin-data]}])
so it’s better to either
1) do a more low-level check (such as validating session directly from the env)
or
2) use unaugmented env for the parser
call (e.g. by putting the original env into the env itself)
::pc/transform
is unaffected, i modified the gist for clarity https://gist.github.com/fjolne/a6e3b852d2da890c043fbe3076e0d122/revisions
hope it won’t affect your implementation, just decided it would be better to say rather than not to say@tony.kay I see ::report/row-style
is still missing from report-options. Do you plan to change it or should I send a PR to add it there?
I have defined some entities / attributes using RAD. This is one of the outputs that I see from start-databases
Datomic pull query to derive output is [:farm/name #:farm{:address [:address/id]} #:farm{:crops [:crop/id]} #:farm{:sales [:sales/id]}]
Now what will be the query to retrieve all farms, I have tried the below but it returns nil -
(parser {} [:farm/name])
I don't know this but it looks weird. Is there a single farm? Shouldn't you be providing an ident such as [:farm/name "Farm 1"]?
@holyjak I am trying to retrieve all farms in the farm table. So basically return names for all the farms.
@holyjak the current design is that you specify a body item if you want to customize rows…that one cannot be a style because it needs to have a sub-query
Well, you use ::report/row-style in the code and it is possible to use it to replace the default table row component, it just isn't documented in report options so I wasn't sure if it should. I'll write later about how I use and a possibly missing customization point.
Yes, thanks, I created mutations.clj and mutations.cljs and placed there mutations with the same name one for server and one for client just to get rid of :sym
I have simple mutation and I found some wierd behavior (I have workaround, but not an explanation) 1. will print aaaaaa... at load time 2. will NOT compile without (1) ( log/debug "aaaa") : Unable to resolve symbol: server in this context
(pc/defmutation test-with-email
[env {server :server, attach? :attach?}]
(log/debug "aaaaaaaaaaaaaaaaaaaaa") (1)
(log/debug server) (2)
(println server attach?))
@UQ5QFFX54 If pc
stands for pathom connect, you should provide an options map following your params vector (https://wilkerlucio.github.io/pathom/v2/pathom/2.2.0/connect/connect-mutations.html#_creating_mutations).
Just trying out fulcro. Relatively new to Clojure. Followed along with the docs here and got to a confusing part. http://book.fulcrologic.com/#_organizing_source
> http://book.fulcrologic.com/#_running_the_server
> The Clojure REPL will automatically start in the user
namespace.
> ...
> If you start the server with (start)
you should be able to load...
My REPL starts in the shadow.user
. Fixed by simply (in-ns 'user)
, but are the docs outdated? Did I miss something? Is there something like an init-repl-ns
that can be set to user
so the repl does start in the user
ns rather than the shadow.user
ns?
the docs are right, it’s expected that you start a REPL for your main server (which serves /api), not for shadow’s dev server (which is typically used to switch to CLJS REPL) so, you need to run both shadow (for CLJS compilation and hotreload) and main server (which serves API and assets) in parallel
I’ve just set up fulcro inspect electron and I’m successfully hitting my node cljs API endpoint from the Query tab. But I keep getting {:foo :com.wsscode.pathom.core/not-found}. The parser endpoint is working when I test it separately. I think fulcro is expecting a contract from the server that I’m not abiding by. I’m currently returning an “application/transit+json” response with a transit encoded body of the parser response. Is there something else needed in the response headers? Any ideas?