Skip to content

Instantly share code, notes, and snippets.

@flyingsilverfin

flyingsilverfin/permissions_rules.tql

Created October 11, 2021 16:59
Show Gist options
  • Save flyingsilverfin/440daf09fb683c1b1e0ad30c591f5f33 to your computer and use it in GitHub Desktop.
Save flyingsilverfin/440daf09fb683c1b1e0ad30c591f5f33 to your computer and use it in GitHub Desktop.
Download ZIP
Inference in TypeDB - Permissions Rules
Raw
permissions_rules.tql
define
rule owners-have-write-access:
when { (resource: $r, owner: $owner) isa resource-ownership; }
then { (writer: $owner, writable: $r) isa write-access; };
rule members-borrow-write-access:
when {
(member: $u, team: $t) isa team-membership;
(writer: $t, writable: $r) isa write-access;
} then {
(writer: $u, writable: $r) isa write-access;
};
rule members-borrow-read-access:
when {
(member: $u, team: $t) isa team-membership;
(reader: $t, readable: $r) isa read-access;
} then {
(reader: $u, readable: $r) isa read-access;
};
rule permission-read:
when { $access isa read-access; }
then { $access has permission "read"; };
rule permission-write:
when { $access isa write-access; }
then { $access has permission "write"; };
rule permission-write-read:
when { $access isa write-access; }
then { $access has permission "read"; };
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment