Where we are right now
User writes this
Not easy to write
a; DROP TABLE profile
Hard to check if query was correct or if there were errors
Can only write one statement
How can we make it better?
- Keep the current approach but mitigate injection issues.
- Allow users to write some declarative meta language
- Allow users to write a small amount of custom code
Options 1 and 3 both involve using a library called Knex
1. Fix injection problems with Current Approach
Approach 1 (continued)
- User defines the raw query + arguments to be passed
- Knex builds a safe SQL statement
- SQL is hard to write
- User can still only write one statement per resolver
2. Allow users to write some declarative meta language
- No existing solution we can leverage
- Building one would be really hard and is not in our interest
Approach 3 - Allow Users to Write Code
Approach 3 (Continued)
- User code is run inside a sandboxed environment
- Cannot require()
- Cannot process.exit()
- User can do multiple queries and write some small pieces of business logic.
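A sketch of what Approach 3 describes, added here as an example and not taken from the spike's own code. It assumes Node's built-in `vm` module as the sandbox (the slides do not name one); `makeFakeDb`, `runResolver`, the `memo` table and the sample resolver are constructed for illustration.

```javascript
const vm = require('vm');

// Constructed stand-in for the database handle (hypothetical API, not DataSync's):
// query(sql, bindings) records each call in `log` and returns one canned row.
function makeFakeDb(log) {
  return {
    query(sql, bindings) {
      log.push({ sql, bindings: Array.from(bindings || []) });
      return [{ id: 1, name: 'constructed-row' }];
    },
  };
}

// Run user-written resolver source with only `db` and `args` in scope.
// `require` and `process` are never placed in the context, so the user code
// cannot reach them by name. The timeout (an added guard, not from the slides)
// stops a synchronous busy loop from hanging the event loop.
function runResolver(source, args, db, timeoutMs = 50) {
  const context = vm.createContext({ db, args: Object.freeze({ ...args }) });
  try {
    const script = new vm.Script(`(function () { ${source}\n})()`);
    return { ok: true, value: script.runInContext(context, { timeout: timeoutMs }) };
  } catch (err) {
    return { ok: false, error: String((err && err.message) || err) };
  }
}

// Constructed user resolver: two queries plus a small piece of business logic.
const userSource = `
  const profiles = db.query('SELECT * FROM profile WHERE name = ?', [args.name]);
  if (profiles.length === 0) return null;
  const memos = db.query('SELECT * FROM memo WHERE owner_id = ?', [profiles[0].id]);
  return { profileId: profiles[0].id, memoCount: memos.length };
`;

function demo() {
  const log = [];
  const db = makeFakeDb(log);
  return {
    resolved: runResolver(userSource, { name: 'a; DROP TABLE profile' }, db),
    queries: log,
    noRequire: runResolver("return require('fs');", {}, db),
    noProcess: runResolver('process.exit(1);', {}, db),
    busyLoop: runResolver('while (true) {}', {}, db),
  };
}

console.log(JSON.stringify(demo(), null, 2));
```

Node's documentation states that `vm` is not a security mechanism for untrusted code, so this hides `require` and `process` from a server owner's own resolvers but is not an isolation boundary between tenants.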
Custom Business Logic
- It's 5x slower than the original
- It can be modified so it's only a small bit slower.
- This opens up one case where the user code can crash the server
- We can only do this if we agree that a user 100% owns their server
- If they cause problems, they have to deal with it.
- We will not be able to support running code from different users in the same server - It's too dangerous
- If we want to do multi tenancy, we will need to solve it at another level
- Keep existing approach but mitigate injection issues with Knex
- Can't do multiple queries
- Do people want to write SQL?
- Meta Language approach
- Might be nice but too much effort
- Users write some sandboxed code
- Flexible, multiple queries, business logic
- Multi-Tenancy Concerns
AeroGear DataSync Custom Resolvers Spike
By Dara Hayes