Skip to content

Authorization of Models

A key feature of Dojo is the ability to authorize access to the world state. This is done via the writers config in the dojo_dev.toml or dojo_release.toml file.

How it works?

Let's say we have the following setup:

actions.cairo - This is the file where we define our contract with functions

Then we define a model...

#[derive(Drop, Serde, Debug)]
#[dojo::model]
pub struct DirectionsAvailable {
    #[key]
    pub player: ContractAddress,
    pub directions: Array<Direction>,
}

Now we need to define the writers in our dojo_dev.toml or dojo_release.toml file.

# ... other config
 
[writers]
# This means that any model in the `dojo_starter` namespace can only be written to by the `dojo_starter-actions` contract.
"dojo_starter" = ["dojo_starter-actions"] 
 
# More specific fine-grained authorization 
# This means that only the `dojo_starter-DirectionsAvailable` model can be written to by the `dojo_starter-actions` contract.
"dojo_starter-DirectionsAvailable" = ["dojo_starter-actions"]

In Testing

In your testing files you can bypass authorization in the world by using the write_model_test.

// write like you normally would
world.write_model_test(@position);