You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I propose a feature for dynamic/contextual DTO configurations. This feature aims to address the following challenge: selectively exposing different data fields based on certain conditions (e.g., owners of a resource seeing private data, while other users see a restricted view of the same resource).
Basic Example
Context: A social media platform where users have both public and private information on their profiles.
Functionality: When a user views their own profile, they see all their information, including private data like email address and phone number. However, when another user views someone else's profile, the private information is omitted.
Drawbacks and Impact
Dynamically determining which DTO configuration to use for each request might introduce a slight overhead, especially if the decision logic is complex. But it's optional, and up to the user to use it.
Generating accurate OpenAPI documentation that reflects different data views based on this multi-configuration scenario can be challenging.
Unresolved questions
A less complex solution would be allowing a callback for the exclude and include fields instead of the entire DTO, but seems like a band-aid solution. Throwing it here anyway.
peterschutt
changed the title
Enhancement: Dynamic DTO Configuration
Enhancement: multiple DTO configurations and dynamic dto backend selection
Dec 1, 2023
Summary
I propose a feature for dynamic/contextual DTO configurations. This feature aims to address the following challenge: selectively exposing different data fields based on certain conditions (e.g., owners of a resource seeing private data, while other users see a restricted view of the same resource).
Basic Example
Context: A social media platform where users have both public and private information on their profiles.
Functionality: When a user views their own profile, they see all their information, including private data like email address and phone number. However, when another user views someone else's profile, the private information is omitted.
Drawbacks and Impact
Dynamically determining which DTO configuration to use for each request might introduce a slight overhead, especially if the decision logic is complex. But it's optional, and up to the user to use it.
Generating accurate OpenAPI documentation that reflects different data views based on this multi-configuration scenario can be challenging.
Unresolved questions
A less complex solution would be allowing a callback for the
exclude
andinclude
fields instead of the entire DTO, but seems like a band-aid solution. Throwing it here anyway.Note
While we are open for sponsoring on GitHub Sponsors and
OpenCollective, we also utilize Polar.sh to engage in pledge-based sponsorship.
Check out all issues funded or available for funding on our Polar.sh Litestar dashboard
The text was updated successfully, but these errors were encountered: