ghstahl
/ medium_openfga_features_and_permissions_queries.txt
Last active
August 16, 2022 00:27
medium_openfga_features_and_permissions_queries.txt
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //------------------------------ | |
| // REQUEST | |
| //------------------------------ | |
| { | |
| "tuple_key": { | |
| "object": "org:A", | |
| "relation": "member", | |
| "user": "anne" | |
| }, | |
| "contextual_tuples": { |
ghstahl
/ medium_openfga_features_and_permissions.dsl
Last active
August 16, 2022 00:25
medium_openfga_features_and_permissions.dsl
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| type feature | |
| relations | |
| define associated_plan as self | |
| define member as subscriber_member from associated_plan | |
| type org | |
| relations | |
| define admin as self and member | |
| define member as self and member from user_repo and user_in_context | |
| define plan_provider as self | |
| define user_in_context as self |
ghstahl
/ medium_openfga_resources_and_service_principals_for_teams_queries.txt
Created
August 15, 2022 16:25
medium_openfga_resources_and_service_principals_for_teams_queries.txt
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //----------------------- | |
| // REQUEST | |
| //----------------------- | |
| { | |
| "tuple_key": { | |
| "object": "resource:A/vault/pet-micro", | |
| "relation": "access_permission_witer", | |
| "user": "beth" | |
| }, |
ghstahl
/ medium_openfga_resources_and_service_principals_for_teams_all_tuples.json
Created
August 15, 2022 16:21
medium_openfga_resources_and_service_principals_for_teams_all_tuples.json
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { | |
| "object": "org:A", | |
| "relation": "member", | |
| "user": "sp/b911ab7e-d2d9-4b69-9797-9d3b3e12800b" | |
| }, | |
| { | |
| "object": "user_repo:A/service_principals", | |
| "relation": "member", | |
| "user": "sp/b911ab7e-d2d9-4b69-9797-9d3b3e12800b" |
ghstahl
/ medium_openfga_resources_and_service_principals_for_teams.dsl
Created
August 15, 2022 16:06
medium_openfga_resources_and_service_principals_for_teams.dsl
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| type org | |
| relations | |
| define admin as self and member | |
| define member as self and member from user_repo and user_in_context | |
| define user_in_context as self | |
| define user_repo as self | |
| type resource | |
| relations | |
| define access_permission_reader as member from permission_reader | |
| define access_permission_reader_metadata as member from permission_reader_metadata |
ghstahl
/ medium_openfga_resources_and_service_principals_queries.txt
Created
August 14, 2022 18:54
medium_openfga_resources_and_service_principals_queries.txt
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl --location --request POST 'http://localhost:3601/stores/01GAEMNPYJ77FZJG4X2XXCXR08/check' \ | |
| --header 'Content-Type: application/json' \ | |
| --header 'Accept: application/json' \ | |
| --data-raw '{ | |
| "tuple_key": { | |
| "object": "resource:A/vault/pet-micro", | |
| "relation": "reader", | |
| "user": "sp/pets_micro" | |
| }, | |
| "contextual_tuples": { |
ghstahl
/ medium_openfga_resources_and_service_principals_create_resources.json
Created
August 14, 2022 17:51
medium_openfga_resources_and_service_principals_create_resources.json
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { | |
| "object": "resource:A/vault/pet-micro", | |
| "relation": "owner", | |
| "user": "org:A" | |
| }, | |
| { | |
| "object": "resource:A/vault/pet-micro", | |
| "relation": "writer", | |
| "user": "sp/pets_micro" |
ghstahl
/ medium_openfga_resources_and_service_principals_service_principal_users.json
Created
August 14, 2022 17:30
medium_openfga_resources_and_service_principals_service_principal_users.json
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { | |
| "object": "org:A", | |
| "relation": "user_repo", | |
| "user": "user_repo:A/service_principals" | |
| }, | |
| { | |
| "object": "user_repo:A/service_principals", | |
| "relation": "member", | |
| "user": "sp/pets_micro" |
ghstahl
/ medium_openfga_resources_and_service_principals_authorization_model.dsl
Created
August 14, 2022 17:23
medium_openfga_resources_and_service_principals_authorization_model.dsl
ghstahl
/ medium_openfga_resources_and_service_principals_all_the_tuples.json
Last active
August 14, 2022 18:55
medium_openfga_resources_and_service_principals_all_the_tuples.json
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { | |
| "object": "org:A", | |
| "relation": "user_repo", | |
| "user": "user_repo:*" | |
| }, | |
| { | |
| "object": "org:A", | |
| "relation": "user_repo", | |
| "user": "user_repo:A/service_principals" |