Appearance
Quick Reference
A comprehensive reference of all Quickback definition options.
Layer Summary
| Layer | Purpose | Key Options |
|---|---|---|
| Firewall | Data isolation | owner, organization, team, softDelete, exception |
| Access | Who can do what | roles, record conditions, or/and, $ctx. variables |
| Guards | Field protection | createable, updatable, protected, immutable, false |
| Masking | Field redaction | email, phone, ssn, creditCard, name, redact, custom |
| Actions | Custom routes | guard, input, execute/handler, standalone |
| CRUD List | Query options | pageSize, maxPageSize, fields, filtering, sorting |
| PUT/Upsert | External sync | Requires guards: false + generateId: false |
Database Config Options
typescript
// quickback.config.ts
export default {
database: {
generateId: 'uuid', // 'uuid' | 'cuid' | 'nanoid' | 'serial' | false
namingConvention: 'camelCase', // 'camelCase' | 'snake_case'
usePlurals: true, // Table names: 'users' vs 'user'
},
compiler: {
features: {
auditFields: true, // Auto-manage createdAt/By, modifiedAt/By
}
}
};Firewall Options
typescript
firewall: {
owner?: {
column?: string;
source?: string;
mode?: 'required' | 'optional';
};
organization?: {
column?: string;
source?: string;
};
team?: {
column?: string;
source?: string;
};
softDelete?: {
column?: string;
};
exception?: boolean;
}Access Conditions
typescript
// Field conditions
{ equals: value | '$ctx.userId' | '$ctx.activeOrgId' }
{ notEquals: value }
{ in: value[] }
{ notIn: value[] }
{ lessThan: number }
{ greaterThan: number }
{ lessThanOrEqual: number }
{ greaterThanOrEqual: number }
// Combinators
{ or: Access[] }
{ and: Access[] }Query Parameters
| Operator | Query Param | SQL Equivalent |
|---|---|---|
| Equals | ?field=value | WHERE field = value |
| Not equals | ?field.ne=value | WHERE field != value |
| Greater than | ?field.gt=value | WHERE field > value |
| Greater or equal | ?field.gte=value | WHERE field >= value |
| Less than | ?field.lt=value | WHERE field < value |
| Less or equal | ?field.lte=value | WHERE field <= value |
| Pattern match | ?field.like=value | WHERE field LIKE '%value%' |
| In list | ?field.in=a,b,c | WHERE field IN ('a','b','c') |
Guards Lists
| List | What it controls |
|---|---|
createable | Fields allowed in create (POST) body |
updatable | Fields allowed in update (PATCH) body |
protected | Only modifiable via named actions (not in createable/updatable) |
immutable | Set on create, blocked on update (not in updatable) |
Fields can be in both createable and updatable. System fields are always auto-managed.
Mask Types
| Type | Example Input | Masked Output |
|---|---|---|
'email' | john@example.com | j***@e***.com |
'phone' | 555-123-4567 | ***-***-4567 |
'ssn' | 123-45-6789 | ***-**-6789 |
'creditCard' | 4111111111111111 | ************1111 |
'name' | John Smith | J*** S*** |
'redact' | anything | [REDACTED] |
'custom' | (your logic) | (your output) |
ID Generation Options
generateId | PUT Available? | Notes |
|---|---|---|
'uuid' | No | Server generates UUID |
'cuid' | No | Server generates CUID |
'nanoid' | No | Server generates nanoid |
'serial' | No | Database auto-increments |
false | Yes (if guards: false) | Client provides ID |