This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2020-12-05
Channels
- # adventofcode (50)
- # announcements (1)
- # asami (29)
- # babashka (56)
- # beginners (19)
- # calva (62)
- # cider (12)
- # cljs-dev (1)
- # clojure (42)
- # clojure-europe (214)
- # clojure-france (4)
- # clojure-italy (1)
- # clojurescript (58)
- # community-development (4)
- # cryogen (6)
- # cursive (7)
- # data-science (1)
- # events (3)
- # figwheel-main (1)
- # fulcro (21)
- # lambdaisland (3)
- # malli (17)
- # mid-cities-meetup (1)
- # off-topic (38)
- # pathom (3)
- # reagent (7)
- # reclojure (1)
- # reveal (15)
- # rewrite-clj (11)
- # shadow-cljs (30)
- # sql (21)
- # test-check (14)
- # tools-deps (1)
- # vim (21)
- # xtdb (5)
No, not yet as a core API. You can achieve something similar, an eager filter, by using a transaction function inside a with-tx call that deletes entities you don't want to be visible to queries. It's not a terribly scalable approach but could still be useful for some
Are you thinking to create isolation between tenant data or something? Another approach could be to decorate your queries with parameterized rules
I was thinking of permissions, so like a tenant system. Yeah. Wrapping ICruxApi and adding rules would help.
@U050CTFRT and I got quite far with implementing such a rules system to support XACML and GDPR permissions (which isn't really possible via filters), e.g.
(let [db (crux/db (dev/crux))]
(crux/q
db
(entail
db
{:find '[?data]
:args '[{?user :ex/alice
?patient :ex/bob}]
:where '[
;; Get medical record events relating to patient
[?data :juxt.rdf/type :hl7.type/medical-record-event]
;; But only according to GDPR rules
[?data :gdpr/subject ?patient]
[?user :works-for ?dp]
(gdpr/can-legitimately-process? ?dp ?data)
]
:rules RULES}))))