so this is a non-starter, even if i were to try to contribute a solution?

i see, thats fair, thanks for the quick heads-up

no, if you can find a good solution, we'd likely accept it

but I suspect its going to require some significant changes

yep i'll take a peek but i assume it will really be too much to think about

there is an existing txn construct in the PG datastore driver

and you could add a function to construct one for a given connection

but

you'll also need to add the validation that currently occurs in services/v1/relationships.go in front of any write calls

lest you accidentally write invalid rels

How should I write complicated queries with pagination, filtering and sorting with spicedb? List endpoint API

I read it. I need advanced filtering and pagination. It can’t be developed in these ways because they are not efficient and I can loop many times over the database. Maybe I need the Materialize. Is there a release date?

For example, if I have database table with 1M records and I need to do sort, filter and paginate and I have for 5000 records view permission.

How do I get page number 3 records?

you'd use Materialize then. It is available now (in early access)

and to clarify, materialize is a feature of our paid platform

I have setup my schema following the guide on user-defined roles. What I imagine is the app providing: 1. some default roles out of the box 2. users creating roles they can reuse across projects

So in my app, I would like to provide a default experience where consistency uses

minimizeLatency

and

atLeastAsFresh

when no zookie is provided. This would mean I need to cache a recent enough zookie in my backend and use that when none is provided. 1. Does this make sense? 2. Should I be concerned about this with respect to the New Enemy Problem? 3. Does the Node client support this out-of-the-box? 4. Is it better to middleware my call chain or listen to the event stream from SpiceDB?

👋 A question around the operator and releases.... Do you know when we could expect a new version of the operator? Quite interested in testing [this](https://github.com/authzed/spicedb/pull/2587) 🙂

hey, random question: maybe I'm misunderstanding something, but it seems like

ReadRelationships

always includes an

after_result_cursor

, even if it returned all the contents and

optional_limit

hasn't been set. can I just ignore it in that case?

The cursor should be safe to ignore in that case.

and we might be removing it in the future unless limit is specified

Hello ! we are currently looking for solutions to integrate MFA enforcing in our systems. where all resources belonging to some workspace are only available if the user has some kind of MFA enabled. one of my ideas was to add a caveat to the relation between the user and the workspace. (caveat with 2 arguments : expected_amr, and provided_amr, where expected_amr is defined when configuring the relation, and provided_amr is provided in the context of the query) this works, but has a sizeable flaw : when the admin of a workspace changes the mfa requirements, we need to update all user relations. now, this shouldn't happen too often (well, basically only once per workspace at most) I tried to find a way to configure it only once for the specifice "workspace" ressource, but couldn't find a way. is there a way to do that ? is my first idea the only way to do that ? (probably not, I could handle this outside SpiceDB, but shouldn't access management use SpiceDB ?)

Hey guys, quick question: Is there a way I could point a permission to itself? For example:

definition user {
   permission view_profile = this->user
}

So that a user can only view it's own profile, for example

At least in SpiceDB's serve-test mode, I'm noticing that the last LookupResourcesResponse has a non-empty after_result_cursor, even when the next page has no results. Is this a bug or as intended?

Cursor is always returned

the idea is that you continue fetching until you receive no results

and the cursor is just tracking where in the result set you are - it's not necessarily an indication that there are additional results to receive

Thanks for the explanation!