Skip to content

Instantly share code, notes, and snippets.

View ghstahl's full-sized avatar
💭
coding always coding

Herb Stahl ghstahl

💭
coding always coding
19 followers · 19 following
  • Santa Monica, CA
View GitHub Profile
@ghstahl
ghstahl / final-model.png
Last active November 19, 2022 21:01
openfga-final-model-image
final-model.png
@ghstahl
ghstahl / openfga-final-model-checks.json
Created November 19, 2022 19:06
openfga-final-model-checks.json
[{
"tuple_key": {
"object": "org:a",
"relation": "member",
"user": "user:beth"
},
"contextual_tuples": {
"tuple_keys": [{
"object": "integrity:1234",
"relation": "member_in_context",
@ghstahl
ghstahl / openfga-final-model-store-example-tuples.json
Created November 19, 2022 19:02
openfga-final-model-store-example-tuples
[
{
"object": "user_repo:admin_global",
"relation": "member",
"user": "user:super_bob"
},
{
"object": "org:a",
"relation": "admin_repo",
"user": "user_repo:admin_global"
@ghstahl
ghstahl / openfga-github-style-enterprise-model.dsl
Last active November 19, 2022 18:54
openfga-github-style-enterprise-model
type feature
relations
define access as subscriber_member from associated_plan
define associated_plan as self
define subscriber as subscriber from associated_plan
type feature_repo
relations
define feature as self
type integrity
relations
@ghstahl
ghstahl / openfga-revoke-access-on-user-password-store-data.json
Last active October 20, 2022 19:30
openfga-revoke-access-on-user-password-store-data.json
{
"id": "01GDNMBXVJDG63HR5YJB356DG1",
"name": "integrity",
"authorization_model": {
"id": "01GFVB1ZJ6HP3TRPZC1BA41BJF",
"type_definitions": [{
"type": "integrity",
"relations": {
"member_in_context": {
"this": {}
@ghstahl
ghstahl / openfga-revoke-access-on-user-password-change_checks.json
Created October 20, 2022 19:23
openfga-revoke-access-on-user-password-change_checks.json
Query
========================
{
"tuple_key": {
"object": "org:a",
"relation": "member",
"user": "anne"
},
"contextual_tuples": {
"tuple_keys": [
@ghstahl
ghstahl / openfga-revoke-access-on-user-password-change_user_tuples.json
Last active November 19, 2022 21:15
openfga-revoke-access-on-user-password-change_user_tuples.json
[{
"object": "user_repo:global",
"relation": "member",
"user": "anne"
}, {
"user": "integrity:1",
"relation": "integrity",
"object": "user_repo:global"
}, {
"object": "integrity:1",
@ghstahl
ghstahl / openfga-revoke-access-on-user-password-change_authorization_model.dsl
Last active October 20, 2022 19:14
openfga-revoke-access-on-user-password-change_authorization_model.dsl
type integrity
relations
define member_in_context as self
define member as self and member_in_context
type org
relations
define member as self and member from user_repo and user_in_context
define user_in_context as self
define user_repo as self
type user_repo
@ghstahl
ghstahl / medium_openfga_features_and_permissions_all_features_in_an_org_query.txt
Last active August 22, 2022 16:50
medium_openfga_features_and_permissions_all_features_in_an_org_query.txt
//------------------------
// Request, find all plans that our org has subscribed to
//------------------------
{
"tuple_key": {
"object": "plan:",
"relation": "subscriber",
"user": "org:A"
},
"page_size": 50
@ghstahl
ghstahl / medium_openfga_features_and_permissions_all_tuples.json
Last active August 22, 2022 14:18
medium_openfga_features_and_permissions_all_tuples.json
[
{
"object": "org:A",
"relation": "member",
"user": "anne"
},
{
"object": "user_repo:*",
"relation": "member",
"user": "anne"