'%20clip-path='url(%23clipPath1075)'%3e%3cg%20transform='matrix(2.6042,0,0,2.6042,789.58,466.67)'%3e%3cpath%20d='m12%202c5.523%200%2010%204.477%2010%2010s-4.477%2010-10%2010-10-4.477-10-10h2c0%204.418%203.582%208%208%208s8-3.582%208-8-3.582-8-8-8c-2.464%200-4.668%201.114-6.135%202.865l2.135%202.135h-6v-6l2.447%202.446c1.833-2.11%204.537-3.446%207.553-3.446zm1%205v4.585l3.243%203.243-1.415%201.415-3.828-3.83v-5.413z'/%3e%3c/g%3e%3c/g%3e%3c/svg%3e){kind=small}
'%20fill='%2331343d'%20shape-rendering='auto'%3e%3cpath%20d='m21.804%2013.913%206.4333%209.6458-6.4333%209.6441h5.8824l3.493-5.2352%203.4913%205.2352h5.8824l-12.867-19.29z'%20color='%23000000'%20color-rendering='auto'%20dominant-baseline='auto'%20image-rendering='auto'%20solid-color='%23000000'%20style='font-feature-settings:normal;font-variant-alternates:normal;font-variant-caps:normal;font-variant-ligatures:normal;font-variant-numeric:normal;font-variant-position:normal;isolation:auto;mix-blend-mode:normal;shape-padding:0;text-decoration-color:%23000000;text-decoration-line:none;text-decoration-style:solid;text-indent:0;text-orientation:mixed;text-transform:none;white-space:normal'/%3e%3cpath%20d='m14.882%2013.913%206.4333%209.6458-6.4333%209.6441h5.8824c2.0855-3.2911%204.0452-6.2959%206.2221-9.9618l-6.2221-9.3281z'%20color='%23000000'%20color-rendering='auto'%20dominant-baseline='auto'%20fill-opacity='.57315'%20image-rendering='auto'%20solid-color='%23000000'%20style='font-feature-settings:normal;font-variant-alternates:normal;font-variant-caps:normal;font-variant-ligatures:normal;font-variant-numeric:normal;font-variant-position:normal;isolation:auto;mix-blend-mode:normal;shape-padding:0;text-decoration-color:%23000000;text-decoration-line:none;text-decoration-style:solid;text-indent:0;text-orientation:mixed;text-transform:none;white-space:normal'/%3e%3cpath%20d='m7.9604%2013.913%206.4333%209.6458-6.4333%209.6441h5.8824c2.0855-3.2911%204.0452-6.2959%206.2221-9.9618l-6.2221-9.3281z'%20color='%23000000'%20color-rendering='auto'%20dominant-baseline='auto'%20fill-opacity='.27655'%20image-rendering='auto'%20solid-color='%23000000'%20style='font-feature-settings:normal;font-variant-alternates:normal;font-variant-caps:normal;font-variant-ligatures:normal;font-variant-numeric:normal;font-variant-position:normal;isolation:auto;mix-blend-mode:normal;shape-padding:0;text-decoration-color:%23000000;text-decoration-line:none;text-decoration-style:solid;text-indent:0;text-orientation:mixed;text-transform:none;white-space:normal'/%3e%3c/g%3e%3c/svg%3e){kind=small}
Permissions
Basics
Permissions are implemented by using throw Abort() and return:
// TodoItem.telefunc.ts
// Environment: server
export { onTextChange }
import { getContext, Abort } from 'telefunc'
function onTextChange(id: string, text: string) {
const { user } = getContext()
if (!user) {
// We return `notLoggedIn: true` so that the frontend can redirect the user to the login page
return { notLoggedIn: true }
}
const todoItem = await Todo.findOne({ id })
if (!todoItem) {
// `throw Abort()` corresponds to "403 Forbidden" of classical APIs
throw Abort()
}
// We can easily programmatically implement advanced permissions such
// as "only allow the author or admins to modify a to-do item".
if (todoItem.authorId !== user.id && !user.isAdmin) {
throw Abort()
}
await todoItem.update({ text })
}In general, we use throw Abort() upon permission denials but, sometimes, the frontend needs to know why the the telefunction call failed:
in this example we return { notLoggedIn: true } instead of throw Abort() so that the frontend can perform a redirection:
// TodoItem.tsx
// Environment: client
import { onTextChange } from './TodoItem.telefunc'
function onChange(id: string, text: string) {
const res = await onTextChange(id, text)
if (res?.notLoggedIn) {
// Redirect user to login page
window.location.href = '/login'
}
}
function TodoItem({ id, text }: { id: string; text: string }) {
return <input input="text" value={text} onChange={(ev) => onChange(id, ev.target.value)} />
}getContext() wrapping
To implement permission logic once and re-use it, we can define a getContext() wrapper:
// components/TodoItem.telefunc.ts
// Environment: server
export { onTextChange }
import { getUser } from '../auth/getUser'
function onTextChange(id: string, text: string) {
const user = getUser()
/* ... */
}// auth/getUser.ts
// Environment: server
// Note that getUser() isn't a telefunction: it's a wrapper around getContext()
export { getUser }
import { getContext, Abort } from 'telefunc'
function getUser() {
const { user } = getContext()
if (!user) {
throw Abort({ notLoggedIn: true })
}
return user
}// Environment: client
import { onAbort } from 'telefunc/client'
onAbort(err => {
if (err.abortValue.notLoggedIn) {
// Redirect user to login page
window.location.href = '/login'
}
})