Nplex

CUPUM
4

Plateforme de valorisation de petits projets d'architecture et d'aménagement à Montréal.

#sveltekit #montreal #landscape #architecture #design #urban-design #postgresql #drizzle-orm #svelte

Getting started

Using the prescribed package manager

The project's monorepo expects you to use pnpm as the package manager to enable proper use of its workspace features. Using npm is not indicated. This allows dependency optimizations with shared and cached packages on developement or production devices. If you do not have pnpm installed, please refer to: https://pnpm.io/installation or simply proceed with either:

# brew (preferred method)
brew install pnpm

# npm
npm install -g pnpm

Completing your local setup

Before building or starting any service, make sure to define the required environment variables in a .env file at the root of the repo. A reference .env.template is provided to help identify required variables. Any populated .env files are not included in commits, and never should be, as they contain sensitive information for service authentications.

Install

Install the project (and automatically run it's prepare script):

pnpm install

Other scripts

Drizzle-kit has some trouble using the project's own tsconfig generated by SvelteKit, we thus provide a helper to alias drizzle-kit scripts:

# Run a drizzle-kit related script using the proper ts config
pnpm db:run

This script is also used to provide further shorthands, such as:

# Generate a new migration
pnpm db:gen

# Apply migrations to the remote database
pnpm db:apply

# Scaffold a full new db, using both gen and apply. Used notably during quick testing.
pnpm db:scaffold

Users and permissions

Throughout the app, authorizations are controled based on two complementeray strategies:

Role-based access control (RBAC)
Attribute-based access control (ABAC)

Role-based access control

Role-based constraints simply check if a user can access data or complete operations on data by checking against their role. It differs from row-specific strategies in that it is only concerned with data-agnostic permissions (associated with tables, rows, etc.).

Attribute-based access control

These constraints take the form of fine-grained _meta_data queries. They are generally used after RBAC step(s) have been passed, and are layered within database CRUD queries to reduce back-and-forths as well as limit query scopes in an app-side RLS-esque fashion.

_{:copyright: UNESCO Chair in Landscape and Environement}

Top categories

tailwind daisyui admin template popup mdsvex portfolio blog form ecommerce ui carousel auth dark seo image routing