The database module is the core of Space Cloud. It provides instant REST, gRPC APIs on any database out there directly from the frontend. The API loosely follows the Mongo DB DSL. In addition to that, it expects a JWT token in the
Authorization header. This JWT token is used along with user defined security rules to enforce authentication and authorization.
By CRUD I mean Create, Read, Update and Delete operations. These are the most basic operations that one can perform on a database. In addition to that, we offer a flexible query language (based on the Mongo DB query DSL) to slice and dice data as needed.
Currently the database module supports the following databases:
- Mongo DB
- MySQL and MySQL compatible databases
- Postgres and Postgres compatible databases
Configure the crud module
The config pertaining to crud module can be found inside the
crud key under the
modules object. Here's the snippet:
modules: crud: mongo: conn: mongodb://localhost:27017 isPrimary: true collections: todos: isRealtimeEnabled: false rules: create: rule: allow read: rule: allow update: rule: allow delete: rule: allow # Config for other modules go here
As you can see
crud, in this case has the key
mongo which stands for the MongoDB database. You can have multiple databases in a single project by simply adding the config of each database under
crud. The keys for the databases we currently support are
mongo (for MongoDB),
sql-postgres (for Postgres) and
sql-mysql (for MySQL).
For each database, you need to specify the following fields:
- conn: This is the connection string to connect to the database with.
- isPrimary: Specifies if the database is to be used as the primary database. Note, you cannot have more than one primary database.
- collections: These are the table / collections which need to be exposed via Space Cloud. They contain two sub fields
rulesare nothing but the security rules, to control the database access.
The snippet shown above configures Space Cloud to use
MongoDB as the primary database present at
mongodb://localhost:27017. It exposes a single collection
todos. All types of operations (create, read, update and delete) are allowed on the
todos collection. This implies that, any anonymous user will be able to perform any operations on the database. To expose more tables / collections, simple add new objects under the
Here's an example that has two collections
users. Note, updating and deleting users is denied.
modules: crud: mongo: conn: mongodb://localhost:27017 isPrimary: true collections: todos: isRealtimeEnabled: false rules: create: rule: allow read: rule: allow update: rule: allow delete: rule: allow users: isRealtimeEnabled: false rules: create: rule: allow read: rule: allow update: rule: deny delete: rule: deny # Config for other modules go here
allowrule must only be used cautiously. It must never be used for update and delete operations in production. You can read more about security rules here.
Now you know the basics of the database module. The next step would be diving deeper into the security rules and its structure. Let's make sure that the apps we build are secure!
You can also check out the API docs to start building your app right away or head over to the next module.