Authorize broadcast
40 views
Skip to first unread message
Alex Danilov
Nov 5, 2013, 1:20:57 PM11/5/13
to kern...@googlegroups.com
Hi Alan,
What do you think regarding the broadcast restriction? How I can implement it in best way in Kernel.js?
I want to make the ability to allow broadcasting a specific event by specific hubs only.
For example I have "screen-resize" event, and I want to allow raise it from "main" hub only.
I thought about maintaining some kind of "dictionary" on Kernel object, and then in broadcast method of the hub, before broadcasting the event to check Kernel.authorizeBroadcast(this, type); if it returns false, then throw an error or something like this.
Do you think there can be a better implementation?
Thank you!
Alex
alindsay55661
Nov 5, 2013, 7:49:52 PM11/5/13
to kern...@googlegroups.com
You can use hub.authorize() to restrict broadcasts to specific modules, module types, etc. This method is meant to be overridden and you can put any logic you want in it, including using a dictionary to manage events.
Alan
alindsay55661
Nov 5, 2013, 7:52:29 PM11/5/13
to kern...@googlegroups.com
Actually, the docs are wrong, the name of the method is authorized with a 'd'.
Alan
Alex Danilov
Nov 6, 2013, 3:07:05 PM11/6/13
to kern...@googlegroups.com
Hi Alan,
Thank you for your answer, but or I miss something, or I didn't explain explain myself correctly.
I'm aware about h.authorized method, but it allows restrict listening, but it not restrict broadcasting (at least that is what I see from the source code).
For example, I have ten different modules, what I want, is to allow for all these modules to listen to "screen-resize" event, but only one of them allowed to broadcast it. Currently, there nothing that prevents from all modules to broadcast the event, even if it not supposed to. In each of my ten modules I can write this.hub.broadcast("screen-resize", {newSize: 1024}); and nothing will prevent it to reach all listeners.
If I'm wrong, can you point me to the line numbers in code, where the h.broadcast method checks if hub/module allowed to broadcast the specific event.
Thank you.
If I'm wrong, can you point me to the line numbers in code, where the h.broadcast method checks if hub/module allowed to broadcast the specific event.
Thank you.
alindsay55661
Nov 7, 2013, 11:45:55 AM11/7/13
to kern...@googlegroups.com
No you are correct, there is currently no way to restrict a module from broadcasting, other than to simply not attempt the broadcast in the first place. Out of curiosity, what is the use case where you need to code the broadcast but potentially lock it down at runtime?
Alan
Alex Danilov
Nov 7, 2013, 12:28:29 PM11/7/13
to kern...@googlegroups.com
I my case, when several people working on different modules, I want to prevent them broadcasting "restricted" events. I am creating hubs with APIs and modules are allowed to use the API only. Restricting broadcasting unauthorized events, will prevent some kinds of "workarounds" that people may do to solve some kind of problems.
alindsay55661
Nov 7, 2013, 5:15:30 PM11/7/13
to kern...@googlegroups.com
Ok, one thing you could use is hub.beforeBroadcast(). This isn't explicitly intended for authorization but you could achieve the same result by converting the message type into something that nobody is listening to (like null). Or feel free to implement specific authorization logic and send a pull request.
Alan
Reply all
Reply to author
Forward
0 new messages