Introduction ¶
The focus of this tutorial is to show how to grant access to Chino.io resources only to selected Users with the Permissions system.
We will grant access over Schemas and Documents, explaining which Permissions are granted and why.
This tutorial is available for the following programming languages: {{languages.join(", ")}}. In the setup you can change programming language.
Use Case ¶
We are going to create two categories of Users, Doctors and Patients, that will be granted different access rights over the same resource type (Documents). In particular:
A Doctor can:
Create Documents that contain the results of a visit
Read every Document created
Grant Permissions to Patients to read the Documents he creates
A Patient can:
Read only the Documents over which the doctor has granted him the Permission
Resources used ¶
Other than Users, we will use the following Chino.io resources:
Application: used to authenticate Users.
Repository: the main container for Schemas.
Schema: defines the structure, i.e. the set of fields, of Documents. Every Document created under the same Schema has the same fieldset.
Document: the resource where we store sensitive data.
Permissions: define the access rights of Users over resources.
Select language: ¶
Setup development environment ¶
Install library
First thing to do is to setup an environment (optional) and install the SDK (mandatory)
(sudo) pip install git+https://github.com/chinoio/chino-python.gitInstall library
First thing to do is to setup an environment (optional) and install the SDKs (mandatory)
There are two ways to install the SDKs:
If you're using Maven, then edit your project's pom.xml and add this:
<repositories>
<repository>
<id>jitpack.io</id>
<url>https://jitpack.io</url>
</repository>
</repositories>
<dependency>
<groupId>com.github.chinoio</groupId>
<artifactId>chino-java</artifactId>
<version>1.0</version>
</dependency>
If you're using Gradle, then edit your project's build.gradle and add this:
allprojects {
repositories {
...
maven {
url 'https://jitpack.io'
}
}
}
dependencies {
// ...
compile 'com.github.chinoio:chino-java:1.0'
}
The other method is building the SDKs from source:
git clone https://github.com/chinoio/chino-java.git
cd chino-java
./gradlew buildThe output will be in build/
And if you want a "fat jar" with all the dependencies inside use the following commands:
git clone https://github.com/chinoio/chino-java.git
cd chino-java
./gradlew build shadowJarIn order to perform network operations your Android manifest must include the following permissions:
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />Network operations in Android cannot be performed in the main UI Thread. You have to wrap the API calls in an AsyncTask :
Start the AsyncTask passing all the required parameters in an array:
execute(params)Perform your call inside the method
doInBackground, which is executed asynchronouslyElaborate the results - if it can be done in the async method - and eventually return them
Update your local values and the UI in the method
onPostExecute, which is executed on the UI thread.
{{ androidCode ? "Hide" : "Show" }} example
Create a subclass of AsyncTask:
Then, from your Activity or class trigger the task like this:
You can use Postman to try our rest API. We provide a Collection, to be imported in Postman, which allows you to easily test every call in this tutorial.
You can download Postman at this link .
SDK distribution
You can integrate the CHINO.io Swift SDK into your project using one of several methods.
CocoaPods
To use CocoaPods, a dependency manager for Cocoa projects, you should first install it using the following command:
$ gem install cocoapods
Then navigate to the directory that contains your project and create a new file called Podfile. You can do this either with pod init, or open an existing Podfile, and then add
pod 'ChinoOSXLibrary', :git => 'https://github.com/chinoio/chino-ios.git', :tag => '1.0'
to the main loop. Your Podfile should look something like this:
use_frameworks!
target '<YOUR_PROJECT_NAME>' do
pod 'ChinoOSXLibrary', :git => 'https://github.com/chinoio/chino-ios.git', :tag => '1.0'
end
Then, run the following command to install the dependency:
$ pod install
Once your project is integrated with the CHINO.io Swift SDK, you can pull SDK updates using the following command:
$ pod update
Write here your customer ID and Key ¶
Here you can write your customerId and customerKey to have them filled out in the code. It's just for the purpose of the tutorial.
Click on the following button to add the Collection with the calls of this tutorial in Postman.
Postman will automatically set the values inserted in this page in the environment variables.
Note: if you want to add an environment in Postman, please fill the customer_id and customer_key in the box above.
Initialize ¶
First thing to do is to initialize our SDK.
We now have access to the SDK that wraps all the calls that Chino.io API offers.
Create a Repository ¶
The next step is to create a Repository.
Repositories can be created via the API or via the console. For this first tutorial we create a Repository via the console.
We create a Repository using Postman
Note: without a Repository you can't create Schemas, and without Schemas you can't create Documents in which to store your data.
Once created we copy the (write here your repository_id) and we use it as
constant in our code.
Create a Schema ¶
The Schema represents the structure of the Document we want to store inside Chino. For this tutorial we store the following information:
-
patient_id: string (indexed) - the ID of the Patient that has been visited -
doctor_id: string (indexed) - the ID of the Doctor that performed the visit -
visit_type: string (indexed) - a brief description of the type of visit -
visit: text (not indexed) - the outcome of the visit -
date: datetime (indexed) - timestamp of when the visit was made
Note: you can search for Documents with the indexed fields.
Note: this is the Schema over which we are going to grant Permissions.
We call this schema base_vist
Once created, copy the schema_id
Create an Application ¶
We need an Application to let our Users login to Chino.io.
For this tutorial we create a confidential Application with the password login method.
Note: if you don't know what an Application is or what is used for, check the tutorial on Authentication .
Once created, copy here your app_id:
and your app_secret:
Create a UserSchema ¶
We create a UserSchema which defines the following attributes of the Users:
-
name: string (indexed) - the first name of the User -
last_name: string (indexed) - the last name of the User -
date_birth: date (indexed) - the date of birth -
role: text (not indexed) - the role (patient or doctor)
Once created, copy here your user_schema_id:
Create Users ¶
Now we can create the Users for this tutorial: a Doctor and a Patient. We create them under the same UserSchema and differentiate them only by the
attribute role:
Give permissions ¶
We defined that the Doctor needs to create new Documents and read, update and delete those already present in the Schema. He also needs to authorize his Patients to read the Documents he decides to.
Note: learn more about the Permissions system in the Chino.io docs .
Create a Document (Doctor) ¶
We now log in as the doctor and create a new Document with the visit of the patient.
We also grant the read permission to the Patient over the new Document, so that he can log in and read it.
Doctor login:
Document creation:
The HTTP header must contain the access_token of the Doctor.
Grant read Permission:
Note: The Permission request targets the Patient and the new Document only.
Read the Document (Patient) ¶
We now try to log in as the Patient and read the Document created by the Doctor.
First we need to login as a Patient and set the access_token in the HTTP header, just like we did for the Doctor.
Then, we can read the Document:
Summary ¶
We have implemented the authentication of Users and managed Permissions.
Notes
-
Organize Documents between multiple Schemas and Repositories
-
Create different UserSchemas to register different categories of Users: useful data about doctors are not always important for patients, and vice-versa