Add tutorials/03-server-modules-security.md
Feat(tutorials): add stubs for 03 Security (RBAC)
This commit is contained in:
parent
fff0dec262
commit
ec407aae5b
|
|
@ -0,0 +1,87 @@
|
|||
**`tutorials/03-server-modules-security.md`**
|
||||
|
||||
````markdown
|
||||
# 03 — Server Modules & Security
|
||||
|
||||
## Roles & Helper
|
||||
```python
|
||||
import anvil.server
|
||||
from anvil import users, secrets
|
||||
|
||||
ROLES = {"viewer","editor","admin"}
|
||||
|
||||
def require_role(*roles):
|
||||
u = users.get_user()
|
||||
if not u: raise PermissionError("Login required")
|
||||
if not set(roles).intersection(set(u.get('roles', []))):
|
||||
raise PermissionError("Insufficient role")
|
||||
````
|
||||
|
||||
## Validated Callable
|
||||
|
||||
```python
|
||||
@anvil.server.callable
|
||||
def secure_greet(name):
|
||||
name = (name or "").strip()
|
||||
if not (1 <= len(name) <= 64): raise ValueError("Bad name")
|
||||
return f"Top-secret hello, {name}"
|
||||
```
|
||||
|
||||
## Secrets + Fake External
|
||||
|
||||
```python
|
||||
API_KEY = secrets.get_secret('DEMO_API_KEY') # set in Anvil
|
||||
```
|
||||
|
||||
## Simple Rate Limit (per user)
|
||||
|
||||
Use a module-level dict `{user_id: [timestamps...]}`; trim to last 60s, allow ≤5.
|
||||
|
||||
## Client UX
|
||||
|
||||
* Try/catch PermissionError → Notification("You need editor role").
|
||||
* Disable button while awaiting server.
|
||||
|
||||
````
|
||||
|
||||
**`tutorials/04-uplink-file-hash.md`**
|
||||
```markdown
|
||||
# 04 — Uplink: Local File Hash
|
||||
|
||||
## Uplink Script (local)
|
||||
```python
|
||||
import anvil.server, hashlib
|
||||
@anvil.server.callable("hash_file")
|
||||
def hash_file(buffer):
|
||||
h = hashlib.sha256(buffer.get_bytes())
|
||||
return h.hexdigest()
|
||||
anvil.server.connect("YOUR-UPLINK-KEY")
|
||||
anvil.server.wait_forever()
|
||||
````
|
||||
|
||||
## Client
|
||||
|
||||
* FileLoader → `file_loader_1_change`: call `hash_file` with the Media object.
|
||||
* Show result; if timeout/conn error → “Uplink offline”.
|
||||
|
||||
````
|
||||
|
||||
**`tutorials/05-auth-roles-ui.md`**
|
||||
```markdown
|
||||
# 05 — Auth: Users + Roles + UI Gating
|
||||
|
||||
## Setup
|
||||
Enable Users service. Add roles to users (e.g., `editor`, `admin`).
|
||||
|
||||
## Server
|
||||
Use `require_role` from Tutorial 03 to gate `dangerous_action`.
|
||||
|
||||
## Client
|
||||
- Add Login/Logout buttons.
|
||||
- Show current user + roles.
|
||||
- Hide/show editor-only actions via `component.visible`.
|
||||
|
||||
## Demo Flow
|
||||
- Viewer logs in → can’t see editor actions.
|
||||
- Editor logs in → sees & runs gated action.
|
||||
````
|
||||
Loading…
Reference in New Issue