-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
schema.zmodel
75 lines (64 loc) · 1.73 KB
/
schema.zmodel
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
datasource db {
provider = 'postgresql'
url = env('DATABASE_URL')
}
/*
* User model
*/
model User {
id String @id @default(cuid())
email String @unique
emailVerified DateTime?
// @password indicates the field is a password and its
// value should be hashed (with bcrypt) before storing
// @omit indicates the field should not be returned on read
password String @password @omit
name String?
list List[]
todos Todo[]
// everybody can signup
@@allow('create', true)
// can be read by other users
@@allow('read', auth() != null)
// can only be updated and deleted by self
@@allow('update,delete', auth() == this)
}
/*
* Todo list model
*/
model List {
id String @id @default(uuid())
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
title String
private Boolean @default(false)
ownerId String
owner User @relation(fields: [ownerId], references: [id], onDelete: Cascade)
todos Todo[]
// require login
@@deny('all', auth() == null)
// owner has full access
@@allow('all', auth() == owner)
// can be read by anyone if is public
@@allow('read', !private)
}
/*
* Todo model
*/
model Todo {
id String @id @default(uuid())
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
owner User @relation(fields: [ownerId], references: [id], onDelete: Cascade)
ownerId String
list List @relation(fields: [listId], references: [id], onDelete: Cascade)
listId String
title String
completedAt DateTime?
// require login
@@deny('all', auth() == null)
// list owner has full access
@@allow('all', list.owner == auth())
// can be read by anyone if is public
@@allow('read', !list.private)
}