Hi, I’m new to Fauna.
I’m building a DB for a SaaS. Users are authenticated outside of Fauna (Firebase). All requests are made from client to server using REST, and from server to Fauna using FQL. The server has access to the userId (parsed from the authorization token), which is not represented as an entity in Fauna.
I want to be able to define ownerId for each record, and then make sure that each user is only reading/updating/creating their own data.
- Create - I just added an ownerId field, set by the server, to each doc
- Read - I’ve created indexes that always filter by ownerId in addition to whatever else I needed
- Update - this is where I’m stuck - let’s say the client is trying to update the entity with id 123. They send the revised JSON to the server. The server now wants to update the entity with id 123, but only if the ownerId of that entity is the user’s id. In SQL I’d do:
UPDATE foo SET .... WHERE fooId='123' and ownerId='xxx' ....
What’s the best practice to achieve this with Fauna if users are managed externally?
Note: I’ve read about multi-tenancy DBs and thought perhaps I should create a child DB for each user. But then I realized that child DBs do not inherit the schema of their parent DB, so it doesn’t seem practical to maintain a separate schema for each customer.
Thanks!
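
The ownership-checked update described in the Update item, as an added example that is not part of the original post and is not Fauna code: the `Map` stands in for the database, and `updateOwned`, `tryUpdate`, `NotFound` and the sample ids and user names are hypothetical. Against a real database, the read, the ownerId comparison and the write have to run inside one transaction.

```javascript
// Constructed sample data: a Map standing in for the "foo" collection.
const store = new Map([
  ['123', { ownerId: 'user-a', title: 'draft' }],
  ['456', { ownerId: 'user-b', title: 'other' }],
]);

// Fields the client may never set; ownerId is assigned by the server only.
const SERVER_ONLY = new Set(['ownerId']);

class NotFound extends Error {}

// Equivalent of: UPDATE foo SET ... WHERE fooId = :id AND ownerId = :userId
// userId comes from the verified authorization token, never from the body.
// Check and write happen in one synchronous step here, which stands in for
// a single database transaction.
function updateOwned(db, userId, id, patch) {
  const doc = db.get(id);
  // Same error for "missing" and "owned by someone else", so the response
  // does not reveal which ids exist.
  if (!doc || doc.ownerId !== userId) {
    throw new NotFound(`foo ${id} not found`);
  }
  // Drop server-only fields so a client-sent ownerId cannot reassign the doc.
  const clean = Object.fromEntries(
    Object.entries(patch).filter(([key]) => !SERVER_ONLY.has(key))
  );
  const next = { ...doc, ...clean };
  db.set(id, next);
  return next;
}

// REST-handler-shaped wrapper: maps the ownership failure to a 404.
function tryUpdate(db, userId, id, patch) {
  try {
    return { ok: true, doc: updateOwned(db, userId, id, patch) };
  } catch (err) {
    if (err instanceof NotFound) return { ok: false, status: 404 };
    throw err;
  }
}
```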