有projectACL這樣的:
projectAcl{
id:1,
projectId:1,
// those subDocuments can be also a groupId and reference for exteral document
auditors:[{userNAme:"John", userId:2},{userNAme:"Marry", userId:12}],
colaborators:[{userNAme:"Anna", userId:3},{userNAme:"Eric", userId:4}]
}
然後要求對象時 - 服務器端代碼需要申請「有效權限」
task{
id:23,
projectId:1,
/*
all fields needed here
*/
// and here we have fields aded in serwerSide code
readOnly:null //
}
readOnly - 如果將callculated快速檢查,如果我們在acl列表中有一個條目
聚合以下列出給定用戶的所有項目與ACL列表 - 這可能是有用的設置任務/項目權限或添加ñ額外的安全層使用CQRS模式
var givenUserId = 4;
var matchArraysByUser = {
$match : {
$or : [{
"auditors.userId" : givenUserId
}, {
"colaborators.userId" : givenUserId
}
]
}
}
var filterArrysByUser = {
$project : {
_id : 0,
projectId : 1, //all needed fields set to 1
colaborator : {
$filter : {
input : "$colaborators",
as : "colaborator",
cond : {
$eq : ["$$colaborator.userId", givenUserId]
}
}
},
auditor : {
$filter : {
input : "$auditors",
as : "auditor",
cond : {
$eq : ["$$auditor.userId", givenUserId]
}
}
},
}
}
var group = {
$group : {
_id : givenUserId,
"auditor" : {
$addToSet : {
$cond : {
if : {
$ne : ["$auditor", []]
},
then : "$projectId",
else : null
}
}
},
"colaborator" : {
$addToSet : {
$cond : {
if : {
$ne : ["$colaborator", []]
},
then : "$projectId",
else : null
}
}
}}}
db.projAcl.aggregate([matchArraysByUser, filterArrysByUser, group])
輸出:
{
"_id" : 4.0,
"auditor" : [
null,
2.0
],
"colaborator" : [
1.0,
null
]
}
感謝您的答覆,現在消化... – Augie
@Augie'null'可以被過濾掉,以避免噪音最後一個'$ project'階段 – profesor79
構建了這個測試,效果很棒!謝謝。 – Augie