Comments (4)
Hey @munknex! This concept is explained in Robert's post: https://threedots.tech/post/repository-secure-by-design/
The code itself comes from the domain layer. However, checking permissions for each query would add orchestration boilerplate in the application layer and would be very slow. So it's a trade-off to have the repository call it.
from wild-workouts-go-ddd-example.
Hey @iwittkau. I probably went too far with the "very slow" part. 😅 The point was that each query would need another SQL query (or queries) before the command is run. In retrospect, at least initially, performance is not a valid concern. Just something to keep in mind that you usually will need more queries this way.
The application layer is definitely a valid place for authorization if it's easy enough to understand who can access a resource. I described how to do it with decorators in this post: https://threedots.tech/post/increasing-cohesion-in-go-with-generic-decorators/ - this has the added benefit that the same command can be running with and without authorization, depending on where you call it from.
Keeping this logic in the repository shines for queries when checking permissions isn't as simple as comparing one user ID. For example, consider a social app where users can block each other, which should hide all posts for the blocked user. Doing such checks on the repository level means you don't need to be concerned about who uses the repository because the permissions model works everywhere.
from wild-workouts-go-ddd-example.
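The repository-level check from the comment above, sketched as an added example; it is not code from this thread or from wild-workouts-go-ddd-example. All type and function names are hypothetical, the data is constructed, and an in-memory slice stands in for the SQL-backed repository.

```go
package main

import (
	"errors"
	"fmt"
)

// Hypothetical names and constructed data; not the project's own code.
type Post struct{ ID, AuthorID, Body string }
var ErrNotFound = errors.New("post not found")

type MemoryPostRepository struct {
	posts  []Post
	blocks map[string]map[string]bool // blocker ID -> set of blocked IDs
}

// canSee is the single place the permission model lives.
func (r *MemoryPostRepository) canSee(viewerID string, p Post) bool {
	return !r.blocks[p.AuthorID][viewerID]
}

// FeedFor requires a viewer, so no caller can list posts unchecked.
func (r *MemoryPostRepository) FeedFor(viewerID string) []Post {
	var out []Post
	for _, p := range r.posts {
		if r.canSee(viewerID, p) {
			out = append(out, p)
		}
	}
	return out
}

// GetPost reports hidden posts as not found, so existence is not leaked.
func (r *MemoryPostRepository) GetPost(viewerID, postID string) (Post, error) {
	for _, p := range r.posts {
		if p.ID == postID && r.canSee(viewerID, p) {
			return p, nil
		}
	}
	return Post{}, ErrNotFound
}

// sampleRepo: constructed data in which alice has blocked bob.
func sampleRepo() *MemoryPostRepository {
	return &MemoryPostRepository{[]Post{{"p1", "alice", "hi"}, {"p2", "dave", "yo"}}, map[string]map[string]bool{"alice": {"bob": true}}}
}

func main() {
	fmt.Println(len(sampleRepo().FeedFor("bob")), len(sampleRepo().FeedFor("carol")))
}
```

Because every read path takes the viewer ID and goes through `canSee`, an HTTP handler, a background job, or a test all get the same filtering without repeating the check.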
@m110 I don't quite understand what the overhead and slowdown would be if you put it in the application layer. It seems more logical to me to put the required permission checking for commands and queries close to their implementation, especially if you're using different repository implementations.
from wild-workouts-go-ddd-example.
@m110 Thanks for the quick and thorough response! Your social media example makes sense and I now understand where you were coming from.
from wild-workouts-go-ddd-example.