Skip to content

Configuration - Limits

Eicrud provides various ways to limit what users can do in your application.

Note

Most of these limits are enforced at the controller level. This means they will only apply when calling operations from the client.

CrudSecurity

service.security.ts
export function getSecurity(entity: string): CrudSecurity { 
    return {

    maxItemsInDb: 1000,
    maxItemsPerUser: 10,
    additionalItemsInDbPerTrustPoints: 1,
    alwaysExcludeFields: ['password']
    skipQueryValidationForRoles: [],
    alwaysAllowedCrudOptions: [],
    //...

    }
}

maxItemsInDb

Limit how many instances of an entity can be stored in DB. If maxItemsInDb is exceeded, calls to CrudService->$create will throw an error.

maxItemsPerUser

Limit how many instances of an entity a user can create.

Note

You can set a default maxItemsPerUser for all your services in the validation options.

additionalItemsInDbPerTrustPoints

Add x additional allowed instances per user's trust points.

alwaysExcludeFields

Always exclude specified entity fields from find operations.

skipQueryValidationForRoles

Disable read, update and delete query validation for specified roles (and their parents). See this issue for more details.

alwaysAllowedCrudOptions

Always allow specified CrudOptions (for all roles).

CrudSecurityRights

service.security.ts
rolesRights: {
    user: {
        maxBatchSize: 200,
        fields: ['size', 'price']
        // ...
    }
}

maxBatchSize

Allow a specific role to perform batch operations.

Note

You might want to keep batch size low for large entities. A large batch size will cause your server to use more RAM to operate.

fields

Limit the entity fields returned in find operations (to users of specified role).

CmdSecurity

command.security.ts
const getCmdSecurity = (command, user): CmdSecurity => { 
    return {

    maxUsesPerUser: 100,
    additionalUsesPerTrustPoint: 1,
    minTimeBetweenCmdCallMs: 500, //ms
    secureOnly: true,
    nonAdminQueryLimit: 50,
    adminQueryLimit: 200
    //...

    }
}

maxUsesPerUser

Limit how many times a user can call the command.

additionalUsesPerTrustPoint

Add x additional uses per user's trust points.

minTimeBetweenCmdCallMs

Minimum time required between cmd calls (for a specific user).

secureOnly

Indicate that the command can only be called in secure mode (POST). Secure mode always fetches the ctx.user from the database and never from the cache.

nonAdminQueryLimit

The default CrudOptions->limit set when calling the command (for non-admin users).

adminQueryLimit

The default CrudOptions->limit set when calling the command (for admin users).

Note

CrudOptions->limit can be used in commands to return limited results. See this tutorial for more info.

LimitOptions

eicrud.config.service.ts
const limitOptions: LimitOptions = {
    nonAdminQueryLimit: 40,
    adminQueryLimit: 400,
    nonAdminQueryLimit_IDS: 4000,
    adminQueryLimit_IDS: 8000,
    maxFindInIdsLength: 250,
}

@Injectable()
export class MyConfigService extends CrudConfigService {
    constructor(/* ... */) {
        super({ limitOptions, /* ... */})
    }
    //..
}