Feature
Add ability to model and bundle relations (tuples).
Problem
It is currently responsibility of the services to model how relations are created and deleted when actions happen on resources. Having the ability to model this in a central place helps with transparency and consistency. The most difficult part about using permify is creating and maintaining relationships in sync with the business model.
Solution
Add a similar DSL to .perm to create and maintain bundle of relationships.
Example
Permissions:
entity user {}
entity organization {
// organizational roles
relation admin @user
relation member @user
}
entity team {
// represents owner or creator of the team
relation owner @user
// represents direct member of the team
relation member @user
// reference for organization that team belong
relation org @organization
// organization admins or owners can edit, delete the team details
permission edit = org.admin or owner
permission delete = org.admin or owner
// to invite someone you need to be admin and either owner or member of this team
permission invite = org.admin and (owner or member)
// only owners can remove users
permission remove_user = owner
}
entity project {
// references for team and organization that project belongs
relation team @team
relation org @organization
permission view = org.admin or team.member
permission edit = org.admin or team.member
permission delete = team.member
}
Relations bundle:
relations project_created {
params {
projectId
teamId
orgId
}
add {
entity {
type team
id params.teamId
}
relation team
subject {
type project
id params.projectId
}
}
add {
entity {
type organization
id params.orgId
}
relation org
subject {
type project
id params.projectId
}
}
}
relations project_deleted {
params {
projectId
teamId
orgId
}
delete {
entity {
type team
id params.teamId
}
relation team
subject {
type project
id params.projectId
}
}
delete {
entity {
type organization
id params.orgId
}
relation org
subject {
type project
id params.projectId
}
}
}
This would require a relationship bundle API.
POST /relationships/bundle
BODY
{
"name": "project_created",
"params": {
"projectId": "1234"
"teamId": "teamA"
"orgId": "orgA"
}
}
With this functionality the code responsible for creating a project would either call this API directly or create an event for some other component to call this API.
I think this could help sove the problem of maintaining the relationships.
Best Regards,
Bruno Vale
Feature
Add ability to model and bundle relations (tuples).
Problem
It is currently responsibility of the services to model how relations are created and deleted when actions happen on resources. Having the ability to model this in a central place helps with transparency and consistency. The most difficult part about using permify is creating and maintaining relationships in sync with the business model.
Solution
Add a similar DSL to .perm to create and maintain bundle of relationships.
Example
Permissions:
Relations bundle:
This would require a relationship bundle API.
With this functionality the code responsible for creating a project would either call this API directly or create an event for some other component to call this API.
I think this could help sove the problem of maintaining the relationships.
Best Regards,
Bruno Vale