IT |
気になる、記になる… |
Microsoft、「Windows 11 バージョン 21H2」搭載デバイス向けに「22H2」への自動アップデートを順次開始 |
https://taisy0.com/2023/01/28/167703.html
|
microsoft |
2023-01-28 12:43:02 |
python |
Pythonタグが付けられた新着投稿 - Qiita |
pythonでのMPI並列化 |
https://qiita.com/hiro949/items/4c4082c7c9147a741fe4
|
mpipy |
2023-01-28 21:48:30 |
python |
Pythonタグが付けられた新着投稿 - Qiita |
Houdiniのよく使うノード群をテンプレート化して使い回す |
https://qiita.com/Akira_/items/b885b8bd666ad9b6f505
|
houdini |
2023-01-28 21:36:50 |
Ruby |
Rubyタグが付けられた新着投稿 - Qiita |
Ruby on Rails Webアプリケーションの雛形を作ろう |
https://qiita.com/ta--i/items/68d5c12ac307b739713d
|
lsnewoutputprojectsdmysql |
2023-01-28 21:58:53 |
AWS |
AWSタグが付けられた新着投稿 - Qiita |
非SAPエンジニアが、四苦八苦してAWS Certified: SAP on AWS - Specialty 試験 (PAS-C01)に合格した話 |
https://qiita.com/yes_dog/items/c839efbaa2d2d94bdc94
|
ertifiedsaponawsspecialty |
2023-01-28 21:47:00 |
Docker |
dockerタグが付けられた新着投稿 - Qiita |
NestJSをインストールしてDockerで動かすところまでやる |
https://qiita.com/yuuri23/items/6bfe9bb11727a80d12fd
|
docker |
2023-01-28 21:57:20 |
Azure |
Azureタグが付けられた新着投稿 - Qiita |
Debian11/UbuntuLTS環境でAzure ファイル共有に接続する際必要なパッケージ(と作業メモ) |
https://qiita.com/NMRt/items/5e6785cb9f237f3f2b14
|
mountmntxxxxxxxbadopt |
2023-01-28 21:35:04 |
Ruby |
Railsタグが付けられた新着投稿 - Qiita |
Ruby on Rails Webアプリケーションの雛形を作ろう |
https://qiita.com/ta--i/items/68d5c12ac307b739713d
|
lsnewoutputprojectsdmysql |
2023-01-28 21:58:53 |
海外TECH |
DEV Community |
Using ES6 Proxy for Cross-cut Concerns - A Real-world Example |
https://dev.to/zenstack/using-es6-proxy-for-cross-cut-concerns-a-real-world-example-5ggd
|
Using ES Proxy for Cross cut Concerns A Real world ExampleProxy is not a new thing it was released as part of the ECMAScript spec in However it stood out as a distinct new feature because unlike most other additions Proxy works on the fundamental level of object manipulation It cannot be compiled down to previous versions of Javascript As a very powerful language feature it enables many exciting new programming patterns but at the same time it s also something that s not widely used in real applications This post gives an example of a real world problem that Proxy solves elegantly BackgroundProxies are objects that wrap around other objects The wrapping is transparent so from the user s point of view using the proxied object feels exactly like the original object except that some behaviors can be altered by the proxy Proxy works by allowing you to trap several fundamental operations on objects e g getting a property setting a property calling a method getting the object s prototype etc A simple example looks like this const target x const proxied new Proxy target get target prop receiver gt console log Accessing property prop return Reflect get target prop receiver A Proxy object is created with a target object and a handler The handler contains trap implementations and here we only intercepted the property getter A line of log will be printed when you access proxied x Accessing property xNote the Reflect get method is a utility for passing through the intercepted operation to the underlying target object Proxies are most useful for implementing cross cut concerns like LoggingAuthentication AuthorizationFunction parameter validationData binding and observables… The ProblemWe ve been using ORM tools to handle databases during the development of numerous Node js based web applications in the past few years Among all tools we tried Prisma became our favorite given its intuitive data modeling syntax and fantastic ability to generate type safe CRUD APIs that are super pleasant to use Here s a quick example of how data are modeled with Prisma if it s new to you model User id String id default uuid email String password String posts Post model Post id String id default uuid title String published Boolean default false author User relation fields authorId references id authorId String We loved how succinctly we could define our entities However an application s data model is more than just the shapes of its entities there s a missing piece Access control who can do what to which data is an equally important part and we want it to stay together with the data model Ideally we want the schema to look like this model Post id String id title String published Boolean default false author User relation fields authorId references id authorId String author can read his own posts other users can read published ones allow read auth author published Note auth is a function for getting the current user in session With the access control policies in place we wished to stretch Prisma and let it enforce the policy rules when conducting database CRUD operations As a result it could bring us two benefits Simpler codeIt can eliminate the need to write imperative authorization logic and greatly simplify our backend code Fewer bugsA single source of truth helps avoid the kind of bugs where you change access control rules but forget to update some parts of your services The SolutionImplementing the idea was a challenging job It involves two main tasks Building a DSL that extends Prisma s schema languageAugmenting Prisma s behavior at runtime to enforce access controlThe first task by itself is a big topic and I ll save it for another post So instead let s focus on here It s a typical cross cut problem the access control rules are attached to data models and they should apply horizontally across your entire backend all API endpoints where the models are used The desired behaviorWith a regular PrismaClient if you execute return all Post entities in the dbconst posts await prisma post findMany you ll get all the Post entities in the database With an augmented client we should only get the posts that are supposed to be readable to the current user According to our policy rules that would be all posts owned by the user plus all published posts augment Prisma with access policy supportconst policyClient withPolicy prisma return all Post owned by the current user and all published postsconst posts await policyClient post findMany We need to create a wrapper around a regular PrismaClient preserve its APIs and intercept its method calls so we can inject access policy checks Yes interception that s what Proxy is all about Let Proxy work its magicSince a PrismaClient manages multiple data models we need to do a two level proxying the first level is to intercept data model property access i e prisma post and prisma user and the second level is the actual database APIs findMany update etc Let s set up our code structure first for the two levels of proxying For simplicity I hard coded the model name post and also only dealt with the findMany method const prisma new PrismaClient function createCrudProxy model string db any return new Proxy db get target prop receiver gt if prop findMany return args any gt console log Calling model prop with args JSON stringify args return Reflect get target prop receiver args else return Reflect get target prop receiver const policyClient new Proxy prisma get target prop receiver gt const propValue Reflect get target prop receiver if prop post return createCrudProxy prop propValue else return propValue The code above simply logs the API call without changing its behavior We can verify if it works const posts await policyClient post findMany orderBy createdAt desc console log Posts posts It gives output like this Calling post findMany with args orderBy createdAt desc Posts id deb b a b babb createdAt T Z updatedAt T Z published false title We build ZenStack authorId ecbe a a abfc id bf ab a b dac createdAt T Z updatedAt T Z published true title Prisma is awesome authorId dbec d bdac ddab Now we re ready to add access policy check logic into our proxy code function getSessionUser This is just a stub for the sake of the example In a real application get the current user from the session return id user function getQueryGuard model string policy allow read auth author published return OR author id getSessionUser id published true function createCrudProxy model string db any return new Proxy db get target prop receiver gt if prop findMany return args any gt const guard getQueryGuard model const augmentedArgs args where args where AND args where guard guard console log Augmented args JSON stringify augmentedArgs return Reflect get target prop receiver augmentedArgs else return Reflect get target prop receiver As you can see the main thing we did was augment the query argument passed to the findMany method and inject the policy conditions into the where clause In the sample code the getQueryGuard method is hard coded but in the real world it should be generated by the schema compiler from the policy expression allow read auth author published Now if you rerun the query const posts await policyClient post findMany orderBy createdAt desc console log Posts posts Thanks to the injected filters you should see the result got filtered only published posts are returned Augmented args orderBy createdAt desc where OR author id user published true Posts id bf ab a b dac createdAt T Z updatedAt T Z published true title Prisma is awesome authorId dbec d bdac ddab This is a greatly simplified version of the full implementation but I hope you get the idea of how straightforward it is to use Proxy to create transparent wrappers around objects and alter their runtime behaviour and at the same time fully preserve the original typing The outcome of our work on enhancing Prisma ORM is the ZenStack project The toolkit helped us greatly reduce the backend code and resulted in more robust products PerformanceProxies add a level of indirection which will incur some performance penalty Let s evaluate how much that is const loopCount console log Looping for loopCount times console time Regular prisma for let i i lt loopCount i const posts await prisma post findMany orderBy createdAt desc console timeEnd Regular prisma console time Proxied prisma for let i i lt loopCount i const posts await policyClient post findMany orderBy createdAt desc console timeEnd Proxied prisma The result is as follows on my MacBook Pro with M chip Looping for times Regular prisma sProxied prisma sThe difference is around Not bad My benchmark used SQLite database so the data query part is very fast In reality if you use a remote database the overhead induced by Proxy will be an even smaller fragment and likely negligible Proxies also have memory overhead For my scenario it s not essential because I will not have tons of wrappers created However this can be something worth evaluating if your situation differs More Things to StudyAlthough Proxy is not an everyday feature to use for Javascript there re some excellent projects built upon it Check these examples if you re interested in knowing more about its potential Vue js Vue s reactive state is implemented with Proxy SolidJSSolidJS is a reactive Javascript library It uses Proxy to implement its reactive stores ImmerJSImmer is a package that allows you to work with immutable state in a more convenient way It uses Proxy to track updates to immutable states when running in an ES environment ZenStackZenStack supercharges Prisma ORM with a powerful access control layer Its enhancement to Prisma is implemented with Proxy These projects show that Javascript is much more fun than just DOM manipulation and API calls You can find the full sample code here |
2023-01-28 12:21:51 |
海外TECH |
CodeProject Latest Articles |
Wexstream - Video Conferencing Platform with Node.js, React and Jitsi |
https://www.codeproject.com/Articles/5353196/Wexstream-Video-Conferencing-Platform-with-Node-js
|
jitsi |
2023-01-28 12:37:00 |
ニュース |
@日本経済新聞 電子版 |
対話AIのChatGPT、米名門大のMBA合格レベル
https://t.co/LXfJcZsGB1 https://t.co/vDRH8TPafC |
https://twitter.com/nikkei/statuses/1619311860993359872
|
chatgpt |
2023-01-28 12:30:07 |
ニュース |
@日本経済新聞 電子版 |
松野博一官房長官の秘書、辞表提出へ 酒気帯び運転疑い
https://t.co/PJJXD3ckGU |
https://twitter.com/nikkei/statuses/1619308994987978753
|
官房長官 |
2023-01-28 12:18:44 |
ニュース |
@日本経済新聞 電子版 |
木造ビル、なぜ増加? 地震・火事に強い技術が登場
https://t.co/kmeyym4yPl |
https://twitter.com/nikkei/statuses/1619307238962921472
|
木造ビル |
2023-01-28 12:11:45 |
ニュース |
@日本経済新聞 電子版 |
新幹線、移ろう誘致熱 静岡知事「リニアは存亡の危機」
https://t.co/jqvPDLmmhq |
https://twitter.com/nikkei/statuses/1619304970997895168
|
静岡 |
2023-01-28 12:02:44 |
海外ニュース |
Japan Times latest articles |
Japan’s monthly COVID-19 deaths top 10,000 for first time |
https://www.japantimes.co.jp/news/2023/01/28/national/japan-10000-deaths-covid/
|
november |
2023-01-28 21:27:41 |
海外ニュース |
Japan Times latest articles |
Leaders of ‘Luffy’ robberies in Japan suspected of being behind Manila fraud ring |
https://www.japantimes.co.jp/news/2023/01/28/national/crime-legal/luffy-japan-robberies-suspects/
|
Leaders of Luffy robberies in Japan suspected of being behind Manila fraud ringThe suspected Luffy mastermind and three others appear to be senior members of a fraud group from which members were detained in the Philippines |
2023-01-28 21:04:36 |
海外ニュース |
Japan Times latest articles |
Aryna Sabalenka wins Australian Open for first Grand Slam crown |
https://www.japantimes.co.jp/sports/2023/01/28/tennis/aryna-sabalenka-australian-open/
|
Aryna Sabalenka wins Australian Open for first Grand Slam crownAn emotional Aryna Sabalenka battled back from a set down to beat Elena Rybakina and win the Australian Open on Saturday for her first major |
2023-01-28 21:15:01 |
ニュース |
BBC News - Home |
Flybe: Regional carrier ceases trading and cancels all flights |
https://www.bbc.co.uk/news/uk-64436500?at_medium=RSS&at_campaign=KARANGA
|
flybe |
2023-01-28 12:37:07 |
ニュース |
BBC News - Home |
Hexham stabbing: Teen arrested on suspicion of murder after girl, 15, dies |
https://www.bbc.co.uk/news/uk-england-tyne-64438430?at_medium=RSS&at_campaign=KARANGA
|
northumberland |
2023-01-28 12:44:41 |
ニュース |
BBC News - Home |
Jerusalem shooting: 13-year-old held over second attack in days |
https://www.bbc.co.uk/news/world-middle-east-64438905?at_medium=RSS&at_campaign=KARANGA
|
daysa |
2023-01-28 12:51:19 |
ニュース |
BBC News - Home |
Australian Open 2023: Aryna Sabalenka beats Elena Rybakina to win Melbourne title |
https://www.bbc.co.uk/sport/tennis/64437033?at_medium=RSS&at_campaign=KARANGA
|
Australian Open Aryna Sabalenka beats Elena Rybakina to win Melbourne titleAryna Sabalenka wins her first Grand Slam singles title by fighting back to beat Elena Rybakina in the Australian Open final |
2023-01-28 12:32:17 |
ニュース |
BBC News - Home |
IBSF World Championships 2023: Britain's Matt Weston ‘considered quitting’ before winning gold |
https://www.bbc.co.uk/sport/winter-sports/64437845?at_medium=RSS&at_campaign=KARANGA
|
IBSF World Championships Britain x s Matt Weston considered quitting before winning goldHow the Marines a Latvian and tea helped Matt Weston win Great Britain s first men s skeleton gold at the World Championships in years |
2023-01-28 12:19:43 |
コメント
コメントを投稿