• Stars
    star
    140
  • Rank 261,473 (Top 6 %)
  • Language
    TypeScript
  • License
    MIT License
  • Created over 4 years ago
  • Updated 2 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Entity is a privacy-aware data layer for defining, caching, and authorizing access to application data models.

Entity

Entity is a privacy-aware data layer for defining, caching, and authorizing access to application data models.

tests docs codecov npm NPM

Core Features

  • Declarative actor authorization using Privacy Policies
  • Configurable data storage using Database Adapters
  • Configurable, optional full-object caching using Cache Adapters
  • Dataloader in-memory caching
  • Well-typed model declaration

Getting Started

Background

Authorization is the process of determining whether a user has access to a piece of data or a feature.

One could imagine a simple application with users and their photos. The authorization logic is simple: when the user loads their photos, only query photos WHERE user_id = user.id. A more complex authorization system is most likely overkill at this point.

Now, lets add teams to our simple application, where users on the same team can see each others' photos. The authorization logic becomes more complex: WHERE user_id = user.id OR user_id IN (list of users for all organizations that user belongs to). While still maintainable, one can see that as requirements are added, this logic becomes increasingly difficult to express in just the query or simple checks in code.

A common next step is to add an authorization system on top of the data loading layer. Pundit, Django Rules, and Laravel Policies are examples of excellent libraries that provide a method to authorize a piece of loaded data in the following manner:

PhotoModel
    def authorize_read():
        if rules.is_photo_owner(user, photo)
            return true
        if rules.has_organization_permission(user, photo)
            return true
    def authorize_create():
        ...

PhotoView
    def render():
        photo = Photo.find(params[:id])
        authorize(photo, 'read')
        render_html(photo)

This works well and is flexible since it allows executing ad-hoc authorization checks. Most libraries also provide hooks into views or controllers such that these authorization checks are performed automatically. This is sufficient for many applications but still has one main drawback: it is prone to error in cases where the authorization check is forgotten or the incorrect check is performed.

The Entity framework solves this by adding an additional property to the system: all data accesses are authorized. Given an object and a viewer, the framework provides a clear and testable mechanism for expressing complex relationships between object and viewer needed to authorize access during CRUD operations, and makes it impossible to perform CRUD operations without performing the authorization checks. This combines the data load and authorization steps from above into a single step:

class PhotoPrivacyPolicy {
  const readRules = [
    new AllowIfOwnerRule(),
    new AllowIfOrganizationPermissionRule(),
  ];
}

// in the view, for example
async function get_photo_page(viewer: ViewerContext): string {
  const photo = await PhotoEntity.loader(viewer).loadById(id);
  return render_html(photo);
}

Use Case

Entity is not limited in where it can or should be used, but was designed for use in a Koa-like environment with a request and response. At Expo, we use Entity in the following manner:

  1. A request comes into Koa router
  2. Middleware initializes the Entity framework for the request
  3. A ViewerContext is created identifying the individual making the request.
  4. The request fulfiller uses the Entity framework and the ViewerContext to load or mutate some data and return a response.

Note: The entity framework instance should not be shared across multiple requests since it contains a unique memoized Dataloader. A long-lived instance is prone to data synchronization issues, especially when the application is scaled horizontally and multiple shared caches would exist for the same data.

Releasing

To release a new version:

  1. git checkout main
  2. yarn lerna publish [patch|minor|major] -- --conventional-commits
  3. In GitHub release interface, create a new release from the tag, copy changelog changes to release description.

License

The Entity source code is made available under the MIT license.

More Repositories

1

expo

An open-source framework for making universal native apps with React. Expo runs on Android, iOS, and the web.
TypeScript
33,454
star
2

create-react-native-app

Create React Native apps that run on iOS, Android, and web
TypeScript
13,151
star
3

expo-cli

Tools for creating, running, and deploying universal Expo and React Native apps
TypeScript
2,608
star
4

examples

Example projects that demonstrate how to use Expo APIs and integrate Expo with other popular tools
JavaScript
1,567
star
5

react-native-action-sheet

A cross-platform ActionSheet for React Native
TypeScript
1,384
star
6

router

[ARCHIVE]: Expo Router has moved to expo/expo -- The File-based router for universal React Native apps
TypeScript
1,367
star
7

xde

The Expo Development Environment
JavaScript
1,168
star
8

ex-navigation

Route-centric navigation for React Native
JavaScript
1,003
star
9

eas-cli

Fastest way to build, submit, and update iOS and Android apps
TypeScript
800
star
10

react-conf-app

TypeScript
791
star
11

google-fonts

Use any of the 1000+ fonts (and their variants) from fonts.google.com in your Expo app.
JavaScript
788
star
12

expo-github-action

Expo GitHub Action makes it easy to automate EAS builds or updates
TypeScript
782
star
13

fyi

Little bits of information that you may find useful when interacting with Expo tools and service. Append the markdown filename to https://expo.fyi/ to get a quick link to it.
759
star
14

expo-server-sdk-node

Server-side library for working with Expo using Node.js
TypeScript
674
star
15

vector-icons

JavaScript
646
star
16

expo-three

Utilities for using THREE.js on Expo
TypeScript
619
star
17

react-native-read-more-text

JavaScript
572
star
18

ex-navigator

Route-centric navigation built on top of React Native's Navigator
JavaScript
522
star
19

react-native-infinite-scroll-view

An infinitely scrolling view that notifies you as the scroll offset approaches the bottom
JavaScript
520
star
20

awesome-expo

Useful resources for creating apps with Exponent
468
star
21

exp

JavaScript
465
star
22

react-native-invertible-scroll-view

An invertible ScrollView for React Native
JavaScript
460
star
23

config-plugins

Out-of-tree Expo config plugins for packages that haven't adopted the config plugin system yet.
TypeScript
457
star
24

orbit

Accelerate your development workflow with one-click build launches and simulator management from your macOS menu bar
TypeScript
436
star
25

vscode-expo

Expo Tools keep you productive with debugging, IntelliSense, and prebuild previews
TypeScript
425
star
26

turtle

Standalone app builder service
TypeScript
384
star
27

snack

Expo Snack lets you run Expo in the browser.
TypeScript
366
star
28

react-native-appearance

Access operating system appearance information (currently only light/dark mode) on iOS, Android, and web
Java
337
star
29

expo-pixi

Tools for using pixi.js in Expo
JavaScript
300
star
30

custom-expo-updates-server

A simplified demonstration of expo-updates protocol use.
TypeScript
295
star
31

use-unmount-signal

A React Hook to cancel promises when a component is unmounted
TypeScript
292
star
32

web-examples

Examples of using Expo in the browser.
JavaScript
272
star
33

image-upload-example

Demonstration of how to upload images from the ImagePicker, using a node backend to upload to S3
JavaScript
228
star
34

snack-web

TypeScript
215
star
35

expo-phaser

Use Phaser.js on mobile with Expo GL
JavaScript
212
star
36

sentry-expo

TypeScript
201
star
37

fluxpybird

some ideas involving games and Redux
JavaScript
179
star
38

stripe-expo

Use the Stripe HTTP API in Expo without the DOM, node, or native deps
JavaScript
160
star
39

react-native-responsive-image

A responsive Image component that chooses the best-resolution image for the current screen
JavaScript
160
star
40

react-native-loading-container

A container component that takes care of loading/catching timeouts/retrying
JavaScript
156
star
41

camerja

JavaScript
156
star
42

dev-plugins

Out-of-tree Expo devtools plugins for packages that haven't adopted the Expo devtools plugin system yet.
TypeScript
152
star
43

playlist-example

JavaScript
151
star
44

match-media

Universal polyfill for match media API using Expo APIs on mobile
TypeScript
136
star
45

react-native-fade-in-image

JavaScript
118
star
46

atlas

Visualize React Native bundles to understand and optimize your app.
TypeScript
114
star
47

eslint-config-universe

Moved to https://github.com/expo/expo/tree/master/packages/eslint-config-universe
JavaScript
110
star
48

expo-2d-context

A pure-js implementation of the W3C's Canvas-2D Context API that can be run on either Expo Graphics or WebGL
HTML
110
star
49

audio-recording-example

Audio Recording Example
TypeScript
109
star
50

redux-effex

Spin off async functions to perform side effects
JavaScript
108
star
51

auth0-example

This example has moved
JavaScript
108
star
52

results

An efficient, standards-compliant library for representing results of successful or failed operations
TypeScript
102
star
53

firebase-storage-upload-example

This example has moved
JavaScript
98
star
54

sqlite-example

This example has moved
JavaScript
97
star
55

react-native-scrollable-mixin

A standard interface for your scrollable React Native components, making it easier to compose components.
JavaScript
94
star
56

expo-processing

Utilities for using Processing.js on Expo
JavaScript
93
star
57

videoplayer

Customizable controls for Expo video
JavaScript
83
star
58

snack-sdk

Snack SDK
JavaScript
83
star
59

react-apple-easing

Apple's default Core Animation easing functions for React
JavaScript
83
star
60

turtle-cli-example

Turtle CLI usage example (CircleCI & Travis CI)
Shell
81
star
61

eas-build

TypeScript
77
star
62

dire-dire-ducks

Flood your room with water and rubber duckies!
JavaScript
77
star
63

expo-preview-action

With this preview action, you can test changes made in pull requests via Expo Go or custom development client (created with expo-dev-client) just by scanning QR code.
JavaScript
75
star
64

status-bar-height

Listen to status bar changes during incoming calls and other multi-tasking events
JavaScript
73
star
65

expo-three-ar

Utilities for using Expo AR with THREE.js
TypeScript
72
star
66

react-native-image-gallery

JavaScript
71
star
67

pomodoroexp

https://expo.io/@community/pomodoro
JavaScript
70
star
68

react-native-refreshable-scroll-view

A ScrollView that supports pull-to-refresh. You can customize it with the RefreshIndicator and type of ScrollView (ex: ListView) of your choice.
JavaScript
61
star
69

spawn-async

A Promise-based interface into processes created by child_process.spawn
TypeScript
59
star
70

react-native-for-curious-people

Available through the Exponent iPhone or Android app:
JavaScript
59
star
71

UpdatesAPIDemo

Demo app showing the useUpdates() API
TypeScript
55
star
72

browser-polyfill

Browser polyfill for making React Native compatible with web libs like pixi.js, three.js, phaser.js
JavaScript
52
star
73

xdl

The Expo Development Library
TypeScript
47
star
74

harvard-cs50-app

Harvard's mobile application for CS50.
JavaScript
46
star
75

styleguide

Foundational styles for Expo interfaces.
TypeScript
45
star
76

hello-graphql

JavaScript
44
star
77

expo-graphics

Tools to help simplify working with three, pixi, phaser, ect...
JavaScript
44
star
78

detox-expo-helpers

JavaScript
43
star
79

expo-asset-utils

Utilities for parsing files references, and Expo Assets.
TypeScript
42
star
80

hackathon-examples

40
star
81

with-detox-tests

This template is no longer maintained! See https://github.com/yaron1m/expo-detox-typescript-example instead
JavaScript
39
star
82

react-native-scrollable-decorator

A standard interface for your scrollable React Native components, making it easier to compose components.
JavaScript
38
star
83

react-native-url-handler

Navigate to external URLs, handle in-app URLs, and access system URLs
Objective-C
36
star
84

rnplay

THIS REPOSITORY IS QUITE OLD AND NOT MAINTAINED! React Native Playground has been replaced by https://snack.expo.io. Look at this repository like you might look at tools in a museum, and don't touch it or actually use it
JavaScript
36
star
85

expo-twitter-login-example

This example has moved
JavaScript
34
star
86

react-native-image-picker-android

A camera and gallery image picker native module for Android, giving a subset of the API of https://github.com/marcshilling/react-native-image-picker
Java
34
star
87

eas-tests-example

Demo of running E2E tests on EAS Build
Java
33
star
88

react-loading-indicator

A loading indicator written purely in React that uses SVG and no images.
JavaScript
32
star
89

socket-io-example

This example has moved
29
star
90

expo-electron-adapter

This package wraps `electron-webpack` and adds support for Expo web and other universal React packages.
TypeScript
28
star
91

koa-graphiql

Koa middleware to display GraphiQL, the interactive GraphQL UI
JavaScript
27
star
92

video-background-example

This example has moved
JavaScript
27
star
93

gl-test

Examples and tests for OpenGL rendering in Expo.
JavaScript
26
star
94

three-ar-test

Using Expo's AR functionality with THREE.js
JavaScript
25
star
95

BrightSky

Learn how to use Expo with this simple weather app!
TypeScript
24
star
96

expo-postpublish-slack-notify

JavaScript
24
star
97

breakout

why not?
JavaScript
24
star
98

hyperinstall

Runs "yarn" and "npm install" in several directories with extreme speed when possible
JavaScript
23
star
99

electron-cookies

Provides document.cookie support for Electron
JavaScript
22
star
100

pound-random

Expo Blue - a discussion app for small groups
JavaScript
22
star