If you know you know: permissions that work with links and access codes
TLDR
We improved flexibility for access controls, improved our SQLite storage, and published a blog on what Local First means.
Access control for access codes (and other public data)
Triplit now makes it easier for a permission on a collection to reference data from the requested query itself. This pattern leads to powerful new ways of controlling access to data, especially when you want to allow public access to some data with an access code, or when you only want to allow access to a document to someone who knows its id.
Let's say you're creating a document sharing app. You may start by only letting the author read their own document. You can do this by adding a permission rule to your schema like this:
{
  documents: {
    schema: S.Schema({
      id: S.Id(),
      title: S.String(),
      content: S.String(),
      authorId: S.String(),
    }),
    permissions: {
      authenticated: {
        read: {
          filter: [
            // Only the author can read their own documents
            ['authorId', '=', '$role.userId']
          ],
        }
      }
    }
  }
}
However, if you want to allow a user to share an access link to the document that anyone can use, this rule is too strict. What you want to add is "anyone who knows this document's id can access the document". Triplit supports this trivially through query variables, which allow you to pass extra data to a query. Add the following permission to the schema:
// or() is imported from '@triplit/client'
{
  read: {
    filter: [
      // One of the following must be true
      or([
        // The author can read their own documents
        ['authorId', '=', '$role.userId'],
        // Anyone can read the document if they know the id
        ['id', '=', '$query.docId']
      ])
    ],
  }
}

// Create a query like this
const query = client.query('documents')
  .Where('id', '=', '1234')
  .Vars({ docId: '1234' });
const document = await client.http.fetch(query);
Now your app can generate an access link like https://myapp.com/share/1234 and use that id (1234) to fetch a document as needed!
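To see what the rule grants, here is a small stand-alone model of it (an added example, not Triplit's code or implementation; the `resolve`, `matches` and `fetchDocs` helpers and the sample documents are made up, and treating an unset variable as non-matching is an assumption of the model). It shows that each request unlocks at most the one document whose id it supplies, so the id acts as the access code and has to be hard to guess.

```javascript
// Simplified model of the rule above, NOT Triplit's implementation.
// A clause is [attribute, '=', value] or { or: [clauses] }.
const or = (clauses) => ({ or: clauses });

// The read permission from the post.
const readFilter = [
  or([
    ['authorId', '=', '$role.userId'],
    ['id', '=', '$query.docId'],
  ]),
];

// Resolve "$role.x" / "$query.x" against the request; literals pass through.
function resolve(value, ctx) {
  const m = /^\$(role|query)\.(\w+)$/.exec(String(value));
  return m ? (ctx[m[1]] || {})[m[2]] : value;
}

function matches(doc, clause, ctx) {
  if (clause.or) return clause.or.some((c) => matches(doc, c, ctx));
  const [attr, , value] = clause;
  const resolved = resolve(value, ctx);
  // Assumption of this model: an unset variable never matches.
  return resolved !== undefined && doc[attr] === resolved;
}

// A document is returned only if it passes the query's own where
// clauses AND the collection's read permission.
function fetchDocs(docs, where, ctx) {
  const clauses = [...where, ...readFilter];
  return docs.filter((d) => clauses.every((c) => matches(d, c, ctx)));
}

// Constructed sample data: two documents by alice, one by bob.
const sampleDocs = [
  { id: 'k3Jx9', title: 'Roadmap', authorId: 'alice' },
  { id: 'p7Qm2', title: 'Budget', authorId: 'alice' },
  { id: 'z1Wd8', title: 'Notes', authorId: 'bob' },
];
const bob = { userId: 'bob' };
const titles = (where, query) =>
  fetchDocs(sampleDocs, where, { role: bob, query }).map((d) => d.title);

console.log(titles([['id', '=', 'k3Jx9']], { docId: 'k3Jx9' })); // shared link
console.log(titles([], { docId: 'k3Jx9' }));  // unfiltered list
console.log(titles([], {}));                  // no variable
console.log(titles([], { docId: 'guess' }));  // wrong id
```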
Pruning SQLite's Write Ahead Log
Triplit Cloud uses SQLite as its underlying storage engine. SQLite has a feature called Write Ahead Logging (WAL) that allows for greater read and write concurrency. However, the WAL file can grow indefinitely if not pruned. We've added a new background task that prunes the WAL file to keep it from growing too large. This is done automatically and doesn't require any configuration.
Other Improvements
- Fixed an issue where Triplit Cloud servers would intermittently disconnect inactive websocket connections
- Fixed a regression in the Console that caused initial data to not be displayed until the user clicked on a collection
- Significant improvements to the efficiency of some server subscriptions particularly with complex permissions... more coming soon.
- In the background we're building out our load testing and benchmarking suite and are excited to share results with you alongside a set of performance optimizations!