Tutorial - Management of Users and Permissions | Chino.io

Introduction

The focus of this tutorial is to create a system for the management of Users granting them Permissions over resources in a way that they can access the only resources they are permitted to.

Note: We grant access over Schemas and Documents, explaining which Permissions are granted and why.

This tutorial is available for the following programming languages: {{languages.join(", ")}}. In the setup you can change programming language.

Use Case

We are going to use the following scenario for a better explanation of this tutorial:

We want to create a system for the management of visits that doctors perform to their patients. We are going to store visits in Documents.

In this tutorial we also manage Permissions over Users.

A Doctor can:

  • Create Documents with the visit's result

  • Grant Permissions to the patients to read the Documents he creates

A User can:

  • Read the Documents over which the doctor has granted him the read Permission

Resources used

The following list shows the Resources in Chino.io we use for this tutorial:

  • Repository: it's the main container which hold Schemas.

  • Schema: it's the resource which defines the structure of Documents. We define here the fields of the future Documents that we will create in it.

  • Document: it's the resource we will use to store sensitive data.

  • Permission: we use Permissions for a better management of Users.

Select language:

Register to Chino.io 

To register to our service go to consoleconsole, fill in the form, confirm the email and access.

If you use the test environment (strongly recommended for development since it's free) you can login with your Github account.

Setup development environment

Install library

First thing to do is to setup an environment (optional) and install the SDK (mandatory)

(sudo) pip install git+https://github.com/chinoio/chino-python.git

Install library

First thing to do is to setup an environment (optional) and install the SDKs (mandatory)

There are two ways to install the SDKs:

If you're using Maven, then edit your project's pom.xml and add this:

    <repositories>
        <repository>
            <id>jitpack.io</id>
            <url>https://jitpack.io</url>
        </repository>
    </repositories>

    <dependency>
        <groupId>com.github.chinoio</groupId>
            <artifactId>chino-java</artifactId>
        <version>1.0</version>
    </dependency>

If you're using Gradle, then edit your project's build.gradle and add this:

    allprojects {
        repositories {
            ...
            maven {
                url 'https://jitpack.io'
            }
        }
    }

    dependencies {
        // ...
        compile 'com.github.chinoio:chino-java:1.0'
    }

The other method is building the SDKs from source:

git clone https://github.com/chinoio/chino-java.git
    cd chino-java
    ./gradlew build

The output will be in build/

And if you want a "fat jar" with all the dependencies inside use the following commands:

git clone https://github.com/chinoio/chino-java.git
    cd chino-java
    ./gradlew build shadowJar

In order to perform network operations your Android manifest must include the following permissions:

<uses-permission android:name="android.permission.INTERNET" />
    <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />

Note:

Every function in android must be called in an AsynkTask to avoid the main Thread to stop!

You can use Postman to try our rest API. We provide a Collection, to be imported in Postman, which allows you to easily test every call in this tutorial.

You can download it by clicking on this link

SDK distribution

You can integrate the CHINO.io Swift SDK into your project using one of several methods.

CocoaPods

To use CocoaPods, a dependency manager for Cocoa projects, you should first install it using the following command:

$ gem install cocoapods

Then navigate to the directory that contains your project and create a new file called Podfile. You can do this either with pod init, or open an existing Podfile, and then add

pod 'ChinoOSXLibrary', :git => 'https://github.com/chinoio/chino-ios.git', :tag => '1.0'

to the main loop. Your Podfile should look something like this:

use_frameworks!

target '<YOUR_PROJECT_NAME>' do
    pod 'ChinoOSXLibrary', :git => 'https://github.com/chinoio/chino-ios.git', :tag => '1.0'
end

Then, run the following command to install the dependency:

$ pod install

Once your project is integrated with the CHINO.io Swift SDK, you can pull SDK updates using the following command:

$ pod update

Write here your customer ID and Key

Here you can write your customerId and customerKey to have them filled out in the code. It's just for the purpose of the tutorial.

YOU SHOULD NOT DO THIS TUTORIAL IN PRODUCTION.

Be careful! don't paste here, anywhere, nor share anywhere the customerId and customerKey of the production website

Click on the following button to add the Collection with the calls of this tutorial in Postman.
Postman will automatically set the values inserted in this page in the environment variables.

Note: if you want to add an environment in Postman, please fill the customer_id and customer_key in the box above.

Initialize

First thing to do is to initialize our SDK.

We now have access to the SDK that wraps all the calls that Chino.io API offers.

Create a Repository

We have now to create a Repository. It is like a folder that contains Schemas.

Repositories can be created via the API or via the console. For this first tutorial we create a Repository via the console.

We create a Repository using Postman

Note: without a Repository you can't create Schemas, and without Schemas you can't create Documents in which store your data.

Once created we copy the (write here your repository_id) and we use it as constant in our code.

Create a Schema

The Schema represents the structure of the Document we want to store inside Chino. For this tutorial we store the following information:

  • patient_id : string - indexed the patient that we have visited

  • doctor_id : string - indexed a reference to a doctor that perform the visit

  • visit_type : string - indexed the type of the visit

  • visit : text - not indexed the response of the visit

  • date : datetime - indexed timestamp of when the visit was made

Note: if the field is indexed it can be used to search for Documents. Better explanations throughout this tutorial.

Note: this is the Schema over which we are going to grant Permissions.

We call this schema base_vist

Once created, copy the schema_id

Create an Application

An Application is necessary in order to authenticate Users to Chino.io. For this tutorial we create an Application with the password method for the login.

Note: if you don't know what an Application is or what is used for, please check this link.

Once created, copy here your application_id:

and your application_secret:

Create a UserSchema

We create a UserSchema which defines the following attributes of the Users:

  • name: string - indexed the name of the user

  • last_name: string - indexed the last name of the user

  • date_birth: date - indexed the date of birth of the user

  • role: text - not indexed the role of the user (if patient or doctor)

Once created, copy here your user_schema_id:

Create Users

For this tutorial we use a simple case study: a doctor and a patient who share Documents using a Schema. We create the doctor and the patient under the same UserSchema.

Give permissions

The doctor needs to create new Documents in the Schema and read, update and delete the Documents he creates. He also need to be able to grant to patients the permission to read his Documents.

Note: if you want to understand better how Permissions in Chino.io work please check the API and DOCs on this link.

Doctor creates a Document

We now log in as the doctor and create a new Document with the visit of the patient.

Note: as a doctor we can create a new Document because he has the permission create over the Schema.

Note: We have to grant the permission read over the Document created to the patient because he has no permissions over Documents created under that Schema.

Doctor login in Postman:

Document creation in Postman:

Note: as we create a Document logged as doctor, the important thing to consider is the header which need to contain the bearer_token of the doctor.

Read the Document created

We now try to log in as the patient and read the Document created by the doctor.

For Postman the process is similar to the Document creation logged as doctor.

Summary

We have implemented the authentication of Users and managed Permissions.

PROS

  • Secure and compliant storage of sensitive data.

  • Easy management of Permissions.

  • Authentication of Users.

CONS

  • A single Schema for all Documents (it's like having a huge medical record in which you store all the visits for all patients instead of having a different medical record for every patient).