ian
ian10mo ago

CRUD helper

For building crud operations, I made a helper recently: crud with an example here
GitHub
convex-helpers/convex/crudExample.ts at main · get-convex/convex-he...
A collection of useful code to complement the official packages. - get-convex/convex-helpers
GitHub
convex-helpers/packages/convex-helpers at main · get-convex/convex-...
A collection of useful code to complement the official packages. - get-convex/convex-helpers
12 Replies
ian
ianOP10mo ago
@vector
vector
vector10mo ago
thx how come this should only be used internally?
ian
ianOP10mo ago
This is exposing operations for any document by ID. In production you'd want to add access checks, business logic, and combine queries you want for a given page to avoid request waterfalls
ian
ianOP10mo ago
You can add RLS via a customFunction and pass those functions into the crud helper as the query/mutation
Customizing serverless functions without middleware
Re-use code and centralize request handler definitions with discoverability and type safety and without the indirection of middleware or nesting of wr...
ian
ianOP10mo ago
these functions are just utilities for when you're too lazy to write them yourself. as a way to quickly expose some things to get a prototype going or to aid in little internal functions to call from actions / etc
vector
vector10mo ago
if you do this, would it be secure enough to use it in production? basically we're trying to auto generate convex backends and it seems difficult to prevent hallucinations by directly trying to get GPT to write things so if there was an easy way to machine generate the back end given a schema thats basically what we're looking for here
ian
ianOP10mo ago
I would make some well defined modules that you programmatically generate based on a meta-structure generated by the LLM rather than generating the low level code directly
vector
vector10mo ago
is there anything that does that already or can i achieve this with teh CRUD helper + RLS?
ian
ianOP10mo ago
It's quite the undertaking to make a nontrivial secure production backend programmatically, but I think composing security rules with CRUD from schema definitions, you could be headed in the right direction I would start with something very simple and insecure, then when it's working, adjust the prompting and infra to be more and more scalable and secure iteratively Going for full production-ready app directly sounds like a lot of hurdles to solve at once
vector
vector10mo ago
aight, exposing crud is probs the first step how does security work with exposing crud vs calling a function that writes to the database?
ian
ianOP10mo ago
They’re just functions under the hood. The query and mutation that you pass in can be custom functions that check for authentication and replace the db with rls
vector
vector10mo ago
how do we use convex helper functions do i need to import something or do i just add the files to my program nvm installed convex-helpers