Skip to content

/ APIJSON

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

可行性问题 #121

Open
itben-cn opened this issue Feb 27, 2020 · 3 comments
Open

可行性问题 #121

itben-cn opened this issue Feb 27, 2020 · 3 comments
Labels
question

Comments

@itben-cn
Copy link

@itben-cn itben-cn commented Feb 27, 2020

刚刚接触apijson,相见恨晚,真的很给力
但还是有两个疑问:
1.使用apijson后,确实降低了后端工作量,但实际是把后端数据逻辑交给了前端人员去做,前端工作量增加。
2.有没有这样一种情况:在一个前端中,他在有对应权限的情况下,误操作删除了数据库其他数据;网络拦截,请求数据篡改等等有没有机制。
@TommyLemon
Copy link
Member

@TommyLemon TommyLemon commented Feb 27, 2020
edited

1.前端工作量增加的部分可以忽略不计,一方面因为用 RESTful 等其它方式也一样要传参,APIJSON 只是 JSON 参数 比以往方式稍微复杂一些,业务逻辑由后端提供 远程函数 给前端调用;另一方面 APIJSON 建议由后端写好 JSON 参数,上传到 APIAuto-机器学习自动化接口管理工具,前端打开接口,复制粘贴代码就行了。


2. APIJSON 提供了自动化权限管理,由后端在 Access 表里配置,粒度细到 每种操作、每张表、每条记录,已经杜绝了越权操作;至于 "网络拦截","请求数据篡改",这些都不是 ORM 的范畴,只用其它 ORM 库照样会有这种问题,可以在网关做一层拦截、鉴权、监控、限流等机制。

#12
@TommyLemon TommyLemon added the question label Feb 27, 2020
@yaojin2070
Copy link

@yaojin2070 yaojin2070 commented Feb 28, 2020

作为一个没接触过sql数据库的小前端我来说,表示完全看不懂,感觉多数是后端人员使用多
@TommyLemon
Copy link
Member

@TommyLemon TommyLemon commented Mar 1, 2020

@yaojin2070 不需要很懂,让后端提供文档就行了(建议上传到 APIAuto-机器学习自动化接口管理工具
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
3 participants
@TommyLemon @itben-cn @yaojin2070
You can’t perform that action at this time.