Search code examples
databasedatabase-designnosqlamazon-dynamodbmodeling

How do I make sure that I have deleted/updated my own record in DynamoDB without USER ID in that table

I'm quite new to DynamoDB. So I have a lot of questions about this one.

I made a model relationship like below

Table Relationship

  • Many Users have many Projects
  • One Project has many Suites
  • Suites has many Cases

Tables Model

Users Table

+-------------+------------+
| UserID (PK) | Attributes |
+-------------+------------+
|     U_01    |     ...    |
+-------------+------------+
|     U_02    |     ...    |
+-------------+------------+
|     U_03    |     ...    |
+-------------+------------+

Projects Table

+-----------+------------+
| ProjectId | Attributes |
+-----------+------------+
|   PJ_01   |     ...    |
+-----------+------------+
|   PJ_02   |     ...    |
+-----------+------------+
|   PJ_03   |     ...    |
+-----------+------------+

UserProject Table

+-------------+----------------+------------+
| UserID (PK) | ProjectID (SK) | Attributes |
+-------------+----------------+------------+
|     U_01    |      PJ_01     |     ...    |
+-------------+----------------+------------+
|     U_02    |      PJ_02     |     ...    |
+-------------+----------------+------------+
|     U_03    |      PJ_01     |     ...    |
+-------------+----------------+------------+

Suites Table

+------------------+----------------+------------+
|   SuiteId (SK)   | ProjectId (PK) | Attributes |
+------------------+----------------+------------+
|  S_01            |      PJ_01     | ...        |
+------------------+----------------+------------+
|  S_02            |      PJ_02     | ...        |
+------------------+----------------+------------+
|  S_03            |      PJ_01     | ...        |
+------------------+----------------+------------+

Cases Table

+-----------------+------------------+------------+
|   CaseId (PK)   |   SuiteId (SK)   | Attributes |
+-----------------+------------------+------------+
|       C_01      |        S_01      | ...        |
+-----------------+------------------+------------+
|       C_02      |        S_01      | ...        |
+-----------------+------------------+------------+
|       C_03      |        S_01      | ...        |
+-----------------+------------------+------------+

In order to update or delete a test case (ex: C_01), i gotta make sure that users mustn't delete non-owned items (ex: U_02 will not allow to delete C_01). BTW, I got user id from token after authenticated

I've designed a API Endpoint like below to UPDATE or DELETE data. Could you tell me your best practices in this case. Thanks a lot.

UPDATE: /cases/:id

DELETE: /cases/:id

(I don't make some thing like /projects/:prjId/suites/:sId/case/:cId as Microsoft best practices suggestion in API creation)

Solution

  • After some days, I rethink the way I approached table for relational model.

    With DynamoDB, we have 2 definitions to resolve RDS. - Global Secondary Index (GSI) - Adjacency List

    And I figure out "AWS re:Invent 2018: Amazon DynamoDB Deep Dive: Advanced Design Patterns for DynamoDB" Video. Blown my mind.

    They suggest that we should use 1 table for 1 application, Hierarchical Data Structure as Items, pair partition key and sort key to query and GSI.

    But I still no clear in my case until @Rick Houlihan give me an answer.