Comment on page

Permissions

How to manage tables read/writes

This guide will allow you to understand how pREST to understand and manage your table's permission management and how you can tailor it to your needs by using the  prest.toml file. 
Restrict mode
The prest.toml file allows you to configure each table's read/write/delete permissions.
[access]
restrict = true  # can access only the tables listed below
restrict = false: (default) The pREST will serve in public mode. You can write/read/delete every data without configuring permissions.
restrict = true: you need to configure the permissions of all tables.
Ignore table
If you need to ignore restricted access mode for some tables, you can use the ignore_table option, it receives a string list with the names of the tables to be "ignored", by default, is an empty list [].
[access]
restrict = true
ignore_table = ["news"]
Table permissions
Example:
[[access.tables]]
name = "test"
permissions = ["read", "write", "delete"]
fields = ["id", "name"]
Multiple configurations for the same table:
[access]
restrict = true  # can access only the tables listed below
​
[[access.tables]]
name = "test"
permissions = ["read"]
fields = ["id", "name"]
[[access.tables]]
name = "test"
permissions = ["write"]
fields = ["name"]
attribute
description
name
Table name
permissions
Table permissions. Options: read, write and delete
fields
Exposed fields permitted for operations
Example configuration
Configuration example: prest.toml​
[auth]
table = "prest_users"
username = "username"
password = "password"
metadata = ["first_name", "last_name", "last_login"]
​
[http]
port = 3000
​
[cache]
enabled = true
​
    [[cache.endpoints]]
    endpoint = "/prest/public/test"
    time = 5
​
[access]
restrict = true  # can access only the tables listed below
​
    [[access.tables]]
    name = "Reply"
    permissions = ["read", "write", "delete"]
    fields = ["id", "name"]
​
    [[access.tables]]
    name = "test"
    permissions = ["read", "write", "delete"]
    fields = ["id", "name"]
​
    [[access.tables]]
    name = "testarray"
    permissions = ["read", "write", "delete"]
    fields = ["id", "data"]
​
    [[access.tables]]
    name = "test2"
    permissions = ["read", "write", "delete"]
    fields = ["id", "name"]
​
    [[access.tables]]
    name = "test3"
    permissions = ["read", "write", "delete"]
    fields = ["id", "name"]
​
    [[access.tables]]
    name = "test4"
    permissions = ["read", "write", "delete"]
    fields = ["id", "name"]
​
    [[access.tables]]
    name = "test5"
    permissions = ["read", "write", "delete"]
    fields = ["*"]
​
    [[access.tables]]
    name = "test_readonly_access"
    permissions = ["read"]
    fields = ["id", "name"]
​
    [[access.tables]]
    name = "test_write_and_delete_access"
    permissions = ["write", "delete"]
​
    [[access.tables]]
    name = "test_list_only_id"
    permissions = ["read"]
    fields = ["id"]
​
    [[access.tables]]
    name = "test6"
    permissions = ["read", "write", "delete"]
    fields = ["nuveo", "name"]
​
    [[access.tables]]
    name = "view_test"
    permissions = ["read"]
    fields = ["player"]
​
    [[access.tables]]
    name = "test_group_by_table"
    permissions = ["read"]
    fields = ["id", "name", "age", "salary"]

attribute	description
name	Table name
permissions	Table permissions. Options: `read`, `write` and `delete`
fields	Exposed fields permitted for operations

Migrating

API Reference

Last modified 11d ago