canDelRow
The canDelRow method lets you allow or disallow deletions of a Row stored on the server, as sent from a client.
canDelRow(
tableId: string,
rowId: string,
connection: Connection,
): Promise<boolean>| Type | Description | |
|---|---|---|
tableId | string | |
rowId | string | |
connection | Connection | |
| returns | Promise<boolean> |
This is one of the functions use to sanitize the data that is being sent from a client. Perhaps you might want to make sure the server-stored data adheres to a particular schema, or you might want to make certain data read-only. Remember that you cannot trust the client to only send data that the server considers valid or safe.
This method is passed the Table Id and Row Id that the client is trying to delete. The connection parameter will be the web socket connection of that client. You can, for instance, use this to distinguish between different users.
Return false from this method to disallow this Row from being deleted on the server, or true to allow it. The default implementation returns true to allow deletion.
Example
The following implementation will strip out any attempts by the client to delete the 'me' Row of the 'user' Table:
import {TinyBasePartyKitServer} from 'tinybase/persisters/persister-partykit-server';
export class MyServer extends TinyBasePartyKitServer {
canDelRow(tableId, rowId) {
return tableId != 'user' || rowId != 'me';
}
}
Since
v4.3.12