Code Monkey home page Code Monkey logo

api's Introduction

Ember Nexus: Knowledge Graph API

Store anything, connect everything, search it all? Sure thing! ๐Ÿ˜ƒ

Ember Nexus API is a dynamic and versatile REST-API that leverages the power of graphs to provide flexible and secure data storage and retrieval for data-minded people. It is open source and can be hosted on your own hardware - we currently support AMD and ARM architectures.

Quick Links

Find us on GitHub, our website ember-nexus.dev, and Discord.

Features

Ember Nexus offers a range of cutting-edge features to meet your data storage needs, including:

  • Graph-based data model: Ember Nexus uses the graph database Neo4j internally, which enables you to connect any data element to any other data element and efficiently search long and recursive relations.
  • Access through UUID: Ember Nexus assigns a UUID to every storable element, making it easy to retrieve and manage data. User can provide their own UUIDs as well, although this feature is disabled by default.
  • Near real-time search: Ember Nexus supports full-text search that is fast and responsive. Most of Elasticsearch's features are directly available while not bypassing the security model.
  • Secure by default: User-created data is only visible to the owner by default. Sharing data requires explicit rules, which are recursive and optionally limited in access scope and other features.
  • High-quality software: We invested quite a bit of time to make sure that this software is as stable as possible. We employ code linters, unit tests, feature tests, memory leak tests, mutant tests, and more. Most examples in the documentation are automatically checked for deprecations.

Planned Features

See our milestone and issue list on GitHub for planned features.

When should I use Ember Nexus API?

Ember Nexus is a powerful tool for a range of use cases, including:

  • Private cloud: Use Ember Nexus to create your own private cloud, similar to Nextcloud.
  • Websites: Use Ember Nexus as a CMS or blog platform.
  • Data management systems: Ember Nexus is ideal for building data management systems and archives.
  • Data lakes: Ember Nexus makes it easy to create data lakes, where you can store and manage large volumes of data.
  • Interface between multiple systems: Ember Nexus can serve as a bridge between multiple systems, making it easy to integrate and manage data across your entire infrastructure.

Experience the power of Ember Nexus for yourself - try it out today!

api's People

Contributors

ember-nexus-bot avatar syndesi avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar

Forkers

aljazeera-exe-plus-exe-net-gsg9plus-exe

api's Issues

Returned token elements should never contain the hash or token

When token data elements are returned, they should never contain their hash (internal use only) and plain text tokens (only manually added in the reference dataset to enhance user onboarding).

  • Add feature test to automatically detect if problematic fields are returned.
  • Disable fields from output in controller.
  • Check if other data types / fields should be included too.
    • Should this be user configurable? Part of a future schema process?

Env variable rework

Todos:

  • Rework existing env variables.
  • Use Dockerfile env variables as much as possible.
  • Create new env variables for currently hardcoded elements like the Neo4j, MongoDB and Elastic Search auth values.

Docker image

Todos:

  • Building Docker images automatically on release.
  • Publishing Docker images automatically to Docker Hub on release.

Create command to revoke tokens

Different options should be implemented:

  • Revoke all tokens.
  • Revoke all tokens of a specific user or group.
  • Revoke all tokens created before/after a specific date.
  • Revoke all tokens with no expire date.
  • Revoke all tokens with an expire date.

Revoking tokens must include:

  • Marking the token as revoked.
    • Todo: How? Setting token.isRevoked to true? Or token.status to revoked?
      • State ACTIVE: Token works normally.
      • State REVOKED: Token is manually deactivated but not deleted.
      • State EXPIRED: Currently unused state for tokens which are expired.
  • Revoked tokens must be removed from Redis.

Feature tests:

  • Iterate over all options.
    • Check that existing tokens work.
    • Check that those tokens can be revoked.
    • Check that revoked tokens no longer work.

Example generation:

  • One case should be automatically generated.

Documentation:

  • Command should be documented.

Related work:

  • When tokens are initially put into Redis, their lifetime should be limited to min( (now + 30min) , tokenValidUntilTimestamp ).

Question: What should be returned in the case of an id conflict?

When the user tries to create an element with a user specified UUID, which already exists in the database, then the request must fail.

However this failing requests returns metadata in the form of "there exists another element with the same UUID, even if I have no access to it".

This shouldn't be a problem when completely random UUIDs are used, however if the user uses incrementing UUIDs - which in itself is a bad design choice - then meta data leaks might happen.

The question now is, if there is a better alternative.

Basic search operation via Elasticsearch

Todos:

  • Optimize search queries for performance while still keeping security in mind.
    Likely involves serializing groups and users with search access into the Elastic Search documents, which will need to be kept in sync.
    • Normalize groups and users.
    • Always check for access while executing search queries.
    • Synchronize changed access to other Elastic Search documents automatically. Likely via RabbitMQ Queue?

HTTP GET /token - GetTokenController

Should GET /token return all tokens as a paginated response, or just the currently used token? If the later, under which endpoint should the other feature be available?

  • Implement endpoint.
  • Add feature tests.
  • Document feature.

CI/CD improvements

  • composer test:unit
  • composer test:mutant
  • composer test:leak
  • composer cs:list
  • composer psalm
  • composer phpstan
  • composer yml:lint
  • composer markdown:lint
  • Upstream update checker for Alpine Linux
  • composer outdated
  • composer test:feature
    • with different Neo4j versions etc.
    • export final database backup?
  • when docker image is built, add it to the release

Documentation

Todos:

  • Add API request and response examples.
  • Add automated (?) API documentation, e.g. with Swagger?

HTTP DELETE /<uuid> - DeleteElementController

  • Orphaned children should be automatically reconnected with the deleted element's parents.
  • Other relations, e.g. HAS_READ_ACCESS, should not be automatically reconnected, as this could lead to edge cases. This point might be revisited in the future.

Backup commands

Todos:

  • Command for listing backups.
  • Command for creating backups.
  • Command for loading backups.
  • Command for purging the existing databases.
  • Add API version to backup, so that incompatibility to future versions can be handled gracefully.
  • Add backup explorer tool?

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.