How to Filter Lists
Oso Cloud's list API can efficiently perform authorization checks over collections of data.
Imagine you're building a dashboard for GitCloud users. When an authenticated user accesses the page, they should see a high-level overview of the repositories they have "read" access for. A naive way to implement that would be to fetch all repositories from the database and then filter them in-memory by asking if the current user is allowed to view each repository in turn. If GitCloud has millions of repositories, that might get pretty darn slow.
Oso Cloud's list API flattens that iterative approach into a single request:
"What is the set of repositories that the user is allowed to see?"
The response is a list of IDs of authorized resources (repositories, in this case) that can then be loaded from the database in one fell swoop:
async function authorizedRepositories(oso: Oso, currentUser: User): Promise<Repository[]> { const repositoryIds = await oso.list( {type: "User", id: currentUser.id.toString()}, "view", "Repository" ); return getRepositoriesByIds(repositoryIds);}
For more details, consult the
API docs
for the list endpoint.
Talk to an Oso Engineer
If you'd like to learn more about using Oso Cloud in your app or have any questions about this guide, connect with us on Slack. We're happy to help.