kristianmandrup/folder structure of app

## folder structure of app
Folder structure of app

app
  models
    decorators
      - typically used to decorate a model with client side functionality

    validators
      - for validate middleware, one per model
  routes
    validators
      - for client routes, to validate incoming params!
  middleware
    validate (mutate ops only)
    authorize
    authenticate

    client-serialize
    server-serialize

    runners
      2 basic mw-runners for sending/retrieving data

      access-data
        - authenticate
        - authorize (does user have right to do this mutate action)

      save-data - run before sending mutated data to backend!
        - call: access-data 'save', action, data

        - validate (could depend on action and user etc)
        - server-serialize (remove any client temp vars of model and functions)

        What to do if data is a list of objects? Can we assume that if each object is of same type, that user will have same permission? not really? could fx depend on ownership
        We have to call save-data individually for each object
        But would be stupid to do authenticate for each one. So we must cache this!

      read-data - after receiving data from server, unpack data for use in frontend!
        - call: access-data 'read', action, data

        - client-serialize (remove any sensitive data such as password, add any client-side temp state and/or functions)

        What to do if data is a list of objects? Can we assume that if each object is of same type, that user will have same permission? not really? could fx depend on ownership
        We have to call read-data individually for each object
        But would be stupid to do authenticate for each one. So we must cache this!
	Folder structure of app

	app
	models
	decorators
	- typically used to decorate a model with client side functionality

	validators
	- for validate middleware, one per model
	routes
	validators
	- for client routes, to validate incoming params!
	middleware
	validate (mutate ops only)
	authorize
	authenticate

	client-serialize
	server-serialize

	runners
	2 basic mw-runners for sending/retrieving data

	access-data
	- authenticate
	- authorize (does user have right to do this mutate action)

	save-data - run before sending mutated data to backend!
	- call: access-data 'save', action, data

	- validate (could depend on action and user etc)
	- server-serialize (remove any client temp vars of model and functions)

	What to do if data is a list of objects? Can we assume that if each object is of same type, that user will have same permission? not really? could fx depend on ownership
	We have to call save-data individually for each object
	But would be stupid to do authenticate for each one. So we must cache this!

	read-data - after receiving data from server, unpack data for use in frontend!
	- call: access-data 'read', action, data

	- client-serialize (remove any sensitive data such as password, add any client-side temp state and/or functions)

	What to do if data is a list of objects? Can we assume that if each object is of same type, that user will have same permission? not really? could fx depend on ownership
	We have to call read-data individually for each object
	But would be stupid to do authenticate for each one. So we must cache this!