feat: refactor schema to make it DRY

zenstackhq · Jul 24, 2024 · 41be547 · 41be547
1 parent f398f80
commit 41be547
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 19 deletions.
diff --git a/prisma/schema.prisma b/prisma/schema.prisma
@@ -71,11 +71,11 @@ model User {
   accounts      Account[]
 }
 
-/// @@deny('all', auth() == null)
-/// @@allow('read', owner == auth() || (space.members?[user == auth()] && !private))
+/// @@allow('read', owner == auth() || space.members?[user == auth()])
 /// @@allow('create', owner == auth() && space.members?[user == auth()])
 /// @@allow('update', owner == auth() && space.members?[user == auth()] && future().owner == owner)
 /// @@allow('delete', owner == auth())
+/// @@deny('read', private == true && owner != auth())
 model List {
   id        String   @id() @default(uuid())
   createdAt DateTime @default(now())
@@ -91,7 +91,6 @@ model List {
 }
 
 /// @@allow('all', check(list, 'read'))
-/// @@deny('update', future().owner != owner)
 model Todo {
   id          String    @id() @default(uuid())
   createdAt   DateTime  @default(now())

diff --git a/schema.zmodel b/schema.zmodel
@@ -4,7 +4,7 @@
 
 datasource db {
     provider = 'postgresql'
-    url = env('DATABASE_URL')
+    url       = env("DATABASE_URL")
 }
 
 generator js {
@@ -107,26 +107,18 @@ model User {
     @@allow('all', auth() == this)
 }
 
-/**
- * Model for a Todo list
- */
-model List {
+abstract model BaseEntity {
     id        String   @id @default(uuid())
     createdAt DateTime @default(now())
     updatedAt DateTime @updatedAt
+
     space     Space    @relation(fields: [spaceId], references: [id], onDelete: Cascade)
     spaceId   String
     owner     User     @relation(fields: [ownerId], references: [id], onDelete: Cascade)
     ownerId   String   @default(auth().id)
-    title     String   @length(1, 100)
-    private   Boolean  @default(false)
-    todos     Todo[]
-
-    // require login
-    @@deny('all', auth() == null)
 
-    // can be read by owner or space members (only if not private) 
-    @@allow('read', owner == auth() || (space.members?[user == auth()] && !private))
+    // can be read by owner or space members 
+    @@allow('read', owner == auth() || (space.members?[user == auth()]))
 
     // when create, owner must be set to current user, and user must be in the space
     @@allow('create', owner == auth() && space.members?[user == auth()])
@@ -139,6 +131,18 @@ model List {
     @@allow('delete', owner == auth())
 }
 
+/**
+ * Model for a Todo list
+ */
+model List extends BaseEntity {
+    title   String  @length(1, 100)
+    private Boolean @default(false)
+    todos   Todo[]
+
+    // can't be read by others if it's private
+    @@deny('read', private == true && owner != auth())
+}
+
 /**
  * Model for a single Todo
  */
@@ -155,9 +159,6 @@ model Todo {
 
     // full access if the parent list is readable
     @@allow('all', check(list, 'read'))
-
-    // update cannot change owner
-    @@deny('update', future().owner != owner)
 }
 
 /**