Access control for client-side graph-based queries

(Kontrola prístupových práv pre client-side grafové dopyty)

Diploma thesis

About thesis

Student:
Miroslav Baluch

Supervisor:
Mgr. Ján Kľuka, PhD.

Thesis name:
Access control for client-side graph-based queries

Type of thesis:
diploma

Language of thesis:
English

Faculty:
Faculty of Mathematics, Physics and Informatics

Department:
Department of Applied Informatics

Field of Study:
Computer science

Annotation

The modern full-stack web development approach favours data access via graph-based query languages such as GraphQL and JSON-LD-Query. Client-side query composition offers flexibility for developers but introduces security risks, because queries composed on the client are executed on the server.

Aim

The goal of this thesis is to propose an access control mechanism that makes it possible to verify and pass to the client only the data for which the current user on the client side has permissions. This will be implemented and tested in the existing system courses.matfyz.sk, which uses the JSON-LD data representation.


Thesis schedule

Sept, Oct 2021

Theme selection

Nov, Dec 2021
Study of literature (collecting sources)
Study of existing code
Jan 2022
Regular meetings with Matfyz team members

Once per week

Code refactor
Initial create script
Feb 2022
Mar 2022
Making and editing a create script

Code duplication, configurability and bug fixes

Adjustable course instance variables
Slight frontend code refactor

Fixed stringified data, added adjustable variables

Working on UltraGraphQL

Reading documentation, initial usage

Apr 2022
Working on UltraGraphQL

Solving errors in framework

Adjusting models to have more types

Right now every model has only one type, no inheritance

May 2022
Preparation of sources and content for subject Projektový seminár (1)
June - September 2022
Adjustments and fixes for current backend

Solving issues for front-end developers and improving functionality of the existing backend

October 2022
Working on UltraGraphQL

Creation of config files, solving errors in framework, schema/queries extraction adjustments

Solving issues in existing backend

Improved functionality to existing backend

November 2022
Working on UltraGraphQL

Extraction schema adjustments

Writing diploma thesis

Writing diploma thesis - Abstract, Introduction and Used Technologies

Preparation of sources and content for subject Projektový seminár (2)
December 2022
Writing diploma thesis

Writing diploma thesis - Adjustments to written text based on feedback, plus new section in chapter Used Technologies

Finishing preparations for subject Projektový seminár (2)

Presentation of preparation, writing text, finishing up the requirements

Prototype

Sources

Manuals, tutorials

The GraphQL Foundation and GraphQL documentation authors.

GraphQL

https://graphql.org/, 2021.

UltraGraphQL team and contributors.

UltraGraphQL

https://git.rwth-aachen.de/i5/ultragraphql/, 2021

MDN contributors.

Express/Node introduction

https://developer.mozilla.org/en-US/docs/Learn/Server-side/Express_Nodejs/Introduction/, 2022.

MDN contributors.

JavaScript

https://developer.mozilla.org/en-US/docs/Web/JavaScript/, 2022.

Source thesis

Cifra, Milan

Semantic Data Model for a Course Management System

Diploma thesis - Comenius University, Bratislava, 2020

Used technologies

React

Node

GraphQL

UltraGraphQL

SPARQL

Virtuoso