rowy icon indicating copy to clipboard operation
rowy copied to clipboard

Published 20 hours ago verified publisher icon rowyio

Move code outside of schema documents

Open n-sviridenko opened this issue 3 years ago • 2 comments

Currently, the action scripts code is located at the same collection where the fields meta is located. Normally, it makes sense to let our team mates to adjust the data schema, but giving them ability to execute pretty much any code isn't secure. So it makes sense to have it encapsulated into a separate collection.

n-sviridenko avatar Feb 12 '22 16:02 n-sviridenko

We use rowy mainly to let our employees own the data structure. But that actual data management role-based access is managed by us. And having everyone being able to execute these scripts breaches its security.

n-sviridenko avatar Feb 12 '22 16:02 n-sviridenko

This issue would also apply to derivatives and extensions as well, if they get rebuilt without checking. I will look into moving all the code outside of schema docs, so you can allow your team mates to manage other column settings safely

shamsmosowi avatar Mar 06 '22 14:03 shamsmosowi