MongoDB World 2018: Evolving your Data Access with MongoDB Stitch
Download as PPTX, PDF0 likes213 views
Evolving Data Access with MongoDB Stitch Stitch is a platform for building applications that provides 4 services - QueryAnywhere, Functions, Mobile Sync, and Triggers. QueryAnywhere allows applications to safely execute MongoDB queries. Functions enable integrating server-side logic and cloud services. Mobile Sync synchronizes data between mobile devices and backend databases. Triggers allow applications to react to database changes in real-time. Stitch uses filters, roles, and rules to provide flexible and fine-grained access control when applications interact with and access data through Stitch and its SDKs, APIs, and integrated services. The roadmap for Stitch includes expanding availability, adding additional authentication options and services, and improving SDKs.
![Filters in Stitch
User
db.collection.find()
(plus user info)
db.collection.find({userid: "%%user.id"})db.collection.find({userid: "5b2..."})
[{
userid: "5b2..."
data: …
isSecret: false
},{
userid: "5b2..."
data: …
isSecret: true
}]
Results
{
"name": "userId",
"apply_when": {"%%true" : "%%true"},
"query": {"userid":"%%user.id"}
}
Filters contain an ApplyWhen and a
Query which is appended to a request](https://image.slidesharecdn.com/gramercyw1345drewdipalmamdbw18stitchdataaccessv2-180703173010/85/MongoDB-World-2018-Evolving-your-Data-Access-with-MongoDB-Stitch-12-320.jpg)
![Roles in Stitch NEW
[{
userid: "5b2..."
data: …
isSecret: false
},{
userid: "5b2..."
data: …
isSecret: true
}]
Roles are defined by Match statements,
evaluated per document, and assign a set of
Rules per document
User
{name: "Secret Data",
apply_when: {"isSecret": true},
fields: {…}
},
{name: "Not Secret Data",
apply_when: {"isSecret": False},
fields: {…}
}](https://image.slidesharecdn.com/gramercyw1345drewdipalmamdbw18stitchdataaccessv2-180703173010/85/MongoDB-World-2018-Evolving-your-Data-Access-with-MongoDB-Stitch-13-320.jpg)
![{name: "Secret Data",
apply_when: {"isSecret": true},
fields: {…}
},
{name: "Not Secret Data",
apply_when: {"isSecret": False},
fields: {…}
}
User
Rules in Stitch
"fields": {
"data": {"read": true}
},
"additional_fields": {
"read": false,
"write": false
}
Each Role has a set of matching Rules that
define read and write access at the field-level
[{
userid: "5b2..."
data: …
isSecret: false
},{
userid: "5b2..."
data: …
isSecret: true
}]](https://image.slidesharecdn.com/gramercyw1345drewdipalmamdbw18stitchdataaccessv2-180703173010/85/MongoDB-World-2018-Evolving-your-Data-Access-with-MongoDB-Stitch-14-320.jpg)
![Advanced Rules Syntax
{
"filters": [{
"name": "userId",
"apply_when": {"%%true" : "%%true"},
"query": {"userid":"%%user.id"}
}, … ],
"roles": [{
name: "Secret Data"
apply_when: {isSecret: false}
"fields": {
"data": {
"read": true
}
},
"additional_fields": {
"read": false,
"write": false
}}, … ],
"schema": {…}
}
Filters
Roles
Rules
Schema](https://image.slidesharecdn.com/gramercyw1345drewdipalmamdbw18stitchdataaccessv2-180703173010/85/MongoDB-World-2018-Evolving-your-Data-Access-with-MongoDB-Stitch-16-320.jpg)
![JSON Schema
schema: {
bsonType: "object",
required: ["userid", "data", "isSecret"],
properties: {
userid: {
bsonType: "objectid",
description: "The ID of the Stitch user"
},
data: {
bsonType: "string",
description: "must be a string and is not required"
},
isSecret: {
bsonType: "bool",
description: "True if the data is a secret"
}
additionalProperties: false
}](https://image.slidesharecdn.com/gramercyw1345drewdipalmamdbw18stitchdataaccessv2-180703173010/85/MongoDB-World-2018-Evolving-your-Data-Access-with-MongoDB-Stitch-17-320.jpg)
![Schema Validation NEW
schema: {
bsonType: "object",
required: ["userid", "data", "isSecret"],
properties: {
userid: {
bsonType: "objectid",
description: "The ID of the Stitch user"
},
data: {
bsonType: "string",
validate: {"%%true": {"%function": {
"name": "isValid",
"arguments": ["%%user", "%%this"]}}}
description: "must be a string and is not required"
},
isSecret: {
bsonType: "bool",
description: "True if the data is a secret"
}
additionalProperties: false
}](https://image.slidesharecdn.com/gramercyw1345drewdipalmamdbw18stitchdataaccessv2-180703173010/85/MongoDB-World-2018-Evolving-your-Data-Access-with-MongoDB-Stitch-18-320.jpg)
MongoDB World 2018: Evolving your Data Access with MongoDB Stitch
- 1. Evolving Data Access with MongoDB Stitch Drew DiPalma – Product Manager, Cloud
- 4. Rendering Data App ServerDatabase IoT DevicesPhone Browser State Logic CRUD Email QueuesAccess Control Payments State Sign On Service Coordination Images Applications are evolving
- 5. How do we evolve? Application are living in more locations: • 48% of apps have backends deployed to a public cloud • 58% of apps are now developed for multiple platforms More is expected of development: • 64% of developers identified as Full-stack (2017) Too much time is spent on maintaining: • 41% of time spent maintaining • 39% on new projects Communicate simply Adapt to the environment around us Sustainable, longterm solutions
- 6. Rendering Data Database IoT DevicesPhone Browser CRUD Email Queues Access Control Payments State Sign On Service Coordination Images Logic State
- 7. Stitch is comprised of 4 services – QueryAnywhere Brings MongoDB's rich query language safely to your application Build full apps for iOS, Android, Web, and IoT Functions Integrate microservices + server-side logic + cloud services Power apps with Server-side logic, or enable Data as a Service with custom APIs. Mobile Sync Automatically synchronizes data between documents held locally in MongoDB Mobile and your backend database (coming soon) Triggers Real-time notifications let your application functions react in response to database changes App responds immediately to change
- 9. Stitch QueryAnywhere • Write generic queries from applications • Respond with precise information based on the request SDKs: • JavaScript, Android, and iOS SDKs • Integrated Authentication, Database, and Service requests Stitch Rules: • Fine-grained access rules relating to all aspects of Stitch • Access to context from users, request, external services, functions, etc.
- 10. MongoDB Query Language + Native DriversIntegrated Rules Functions3rd Party Services Native SDKs (JavaScript, Android, iOS) Rest API How Applications interact with Stitch –
- 12. Filters in Stitch User db.collection.find() (plus user info) db.collection.find({userid: "%%user.id"})db.collection.find({userid: "5b2..."}) [{ userid: "5b2..." data: … isSecret: false },{ userid: "5b2..." data: … isSecret: true }] Results { "name": "userId", "apply_when": {"%%true" : "%%true"}, "query": {"userid":"%%user.id"} } Filters contain an ApplyWhen and a Query which is appended to a request
- 13. Roles in Stitch NEW [{ userid: "5b2..." data: … isSecret: false },{ userid: "5b2..." data: … isSecret: true }] Roles are defined by Match statements, evaluated per document, and assign a set of Rules per document User {name: "Secret Data", apply_when: {"isSecret": true}, fields: {…} }, {name: "Not Secret Data", apply_when: {"isSecret": False}, fields: {…} }
- 14. {name: "Secret Data", apply_when: {"isSecret": true}, fields: {…} }, {name: "Not Secret Data", apply_when: {"isSecret": False}, fields: {…} } User Rules in Stitch "fields": { "data": {"read": true} }, "additional_fields": { "read": false, "write": false } Each Role has a set of matching Rules that define read and write access at the field-level [{ userid: "5b2..." data: … isSecret: false },{ userid: "5b2..." data: … isSecret: true }]
- 15. Stitch Rules UI Basic Rules UI • Visual Rules • Simple Read/Write rules only • Ideal for POC/getting started Advanced Rules UI • Fully editable JSON • Advanced configuration options • Maps directly to app structure
- 16. Advanced Rules Syntax { "filters": [{ "name": "userId", "apply_when": {"%%true" : "%%true"}, "query": {"userid":"%%user.id"} }, … ], "roles": [{ name: "Secret Data" apply_when: {isSecret: false} "fields": { "data": { "read": true } }, "additional_fields": { "read": false, "write": false }}, … ], "schema": {…} } Filters Roles Rules Schema
- 17. JSON Schema schema: { bsonType: "object", required: ["userid", "data", "isSecret"], properties: { userid: { bsonType: "objectid", description: "The ID of the Stitch user" }, data: { bsonType: "string", description: "must be a string and is not required" }, isSecret: { bsonType: "bool", description: "True if the data is a secret" } additionalProperties: false }
- 18. Schema Validation NEW schema: { bsonType: "object", required: ["userid", "data", "isSecret"], properties: { userid: { bsonType: "objectid", description: "The ID of the Stitch user" }, data: { bsonType: "string", validate: {"%%true": {"%function": { "name": "isValid", "arguments": ["%%user", "%%this"]}}} description: "must be a string and is not required" }, isSecret: { bsonType: "bool", description: "True if the data is a secret" } additionalProperties: false }
- 19. Access via Stitch SDK
- 20. Stitch SDKs Stitch provides: • Layer of server-side logic • Ability to set strict API access rules • Field-level data access on MongoDB User Filters Roles Rules
- 21. Access via API
- 22. APIs within Stitch Stitch provides: • Ability to link HTTP and Users • Ability to set strict API access rules • Field-level data access on MongoDB HTTP Request Execute As -> Filters Roles Rules
- 24. Service Interactions within Stitch Stitch provides: • Safe service coordination • Rules applied throughout runtime • Callable from SDK, API, or Event User HTTP Request
- 25. What’s next for Stitch?
- 26. Stitch Roadmap xx Everywhere Bring any MongoDB Available self-hosted Expand Regional footprint Realtime Authentication Triggers Timed Triggers SDK improvements Simple to use User/Log Management Authentication Options Additional Services More SDKs
- 27. • Check out another talk on Stitch – • Pissing Off IT and Delivery: A Tale of 2 ODS’s – 2:35 in Grammercy W • Ch-Ch-Ch-Changes: Taking Your Stitch Application to the Next Level – 2:35 in Murray Hill E • Ship It Faster with MongoDB Stitch – 3:30 in Grammercy W • MongoDB Mobile Introduction – 3:30 in Gibson • Decentralized Identity Management with Blockchain and MongoDB – 4:20 in Madison • Try out Stitch – stitch.mongodb.com • Check out SDKs and examples • Code at – github.com/mongodb/stitch-examples • Docs at – docs.mongodb.com/Stitch • Build the Dashboard or Weather IoT apps in our Tutorials section • Ask Questions or let us know what you’re building through Intercom What next?