Vasat Documentation

Appearance

Getting started

A quick way to start is with the vasat blank project:

git@gitlab.correllink.com:vasat/vasat2-blank.git

Creating a Data Model

  1. Declare your custom model

models/Article.scala

scala
@JSONModel
case class Article(
    name:String,
    category:String,
    author:Ref[Author],
    datePosted:Date,
    active:Boolean
) extends PublicACL

@DBAuto
class ArticleRepo extends DBContext[Article,SlickBaseTable]
  1. Register model with your CrudService and declare it publicly accessible

lib/MyApp.scala

scala
...

@Singleton()
case class MyAppDB @Inject()( ... ) extends CrudService{

    val articleRepo = new ArticleRepo

    // declare this model as public
    PublicACL.attach(articleRepo)

    // register this model into the service
    override def modelContexts = Set(articleRepo)

    ...
}

And your done!

Using the browser you can use the endpoint

http://localhost:9000/api/Article

to browse your models.

You model will take on the Json representation

json
{
    "name":"The Vasat Guide",
    "category":"tech",
    "author":"xxxx-xxxxx-xxxx-xxxx",
    "datePosted":1723768147000,
    "active":true
}

Declaring routes

Vasat runs on the PlayFramework Custom endpoints are declared as per the play method. Routing to a url is described by the play documentation.

To take advantage of the automated access control rules Vasat has to offer there are some convenient helpers.

Declaring an ACLController

An ACL Controller integrates with the session management provided by Vasat core and the Authentication Module

controllers/MyController.scala

scala
class MyController @Inject()(
    val appDB:MyAppDB,
    val auth:PlayAuthenticator,
    implicit val executionContext:ExecutionContext) extends ACLController {


    }

Using the authenticator

The authenticator manages verification of your session and onlt executes the function block when its valid.

scala
def myFirstRoute = authService.isOk(parse.anyContent){ (r,ctx) => 
    Future.successful(Ok("Hello world"))
}

Using the api helper method

Quite often access to an API endpoint relies on access to an object in the DB. The api helper will check the requestor for a session token, and if that token has the declared permission to the corresponding object

scala

case class PurchaseRequest(itemId:String, quantity:Int)
case class PurchaseResponse(status:String, invoiceNumber:Option[String])

def purchase(id:String) = api[Account,PurchaseRequest,PurchaseResponse](id,"payment")({ (account,request,ctx) => 
    
    account // the account that this user must have the 'payment' permission to
    request // the PurchaseRequest object

    // do business logic
    PurchaseResponse("OK", Some("abc123")).validF
}