ecordell
07/23/2024, 9:19 PMWatch
takes an optional_start_cursor
which will let you start from where you left off. It's a ZedToken
, and every watch response also includes its zedtoken, so you can pass the last one you received on re-connectAstroJay
07/23/2024, 9:25 PMThibaut Devigne
07/24/2024, 12:38 PMSumedha
07/24/2024, 3:13 PMmake it go faster
07/24/2024, 4:12 PMmake it go faster
07/24/2024, 4:18 PMkumimanu
07/24/2024, 7:22 PMauthzed/spicedb:v1.34.0
in GCP Cloud Run
- datastore is a postgres database in GCP AlloyDB
- changes to the docker image version prompt a Cloud Run Job to run any new migrations against the datastore
my problem is this: when running serve
on the container in Cloud Run, i get the following error:
error: "database validation failed: closed pool; if you have previously run `TRUNCATE`, this database is no longer valid and must be remigrated. See: https://spicedb.dev/d/truncate-unsupported"
level: "warn"
message: "could not check if the datastore was ready
the datastore is definitely migrated. the tables exist and there is seed data in some of them (relation_tuple_transaction, alembic_version, metadata). there was no manual TRUNCATE
run.
can anyone point me in the right direction to resolve this? i've tried running with trace
& debug
log levels, but this is still the best error message i can get. i'm pretty sure the postgres connection is happening successfully because i see logs in the database noting the connection establishment.
any help/guidance would be greatly appreciated. happy to provide more detail if needed. thanks!definitelyBenny
07/24/2024, 10:24 PMJoey
07/24/2024, 10:52 PMhalllo
07/25/2024, 7:37 PMJess
07/25/2024, 7:38 PMhalllo
07/25/2024, 7:41 PMhalllo
07/25/2024, 7:43 PMJess
07/25/2024, 8:12 PMsavour
07/25/2024, 11:26 PMdefinition user {}
definition business {
relation owner: user
relation member: user
relation book_keeper: user
relation has_capital: business
permission manage_business = owner
permission access_capital = book_keeper + owner + has_capital
}
definition capital {
relation business: business
relation reader: user
relation writer: user
permission view = reader + writer + business->access_capital
permission request = writer + business->owner + business->has_capital
permission edit = request + business->owner + business->has_capital
permission delete = business->owner + business->has_capital
}
Hi, am I on the right path and is the way im doing "correct"
The goal is that we have certain businesses that have access to our "capital product." In our capital product, only the owner can view
, edit
, request
, or delete
,
while the bookkeeper can only view
.
Also, I'm a big fan of the SpiceDB project!Joey
07/25/2024, 11:46 PMhas_capital
points to a business
, so it won't answer any queries for user subjectssavour
07/25/2024, 11:55 PMJoey
07/25/2024, 11:56 PMhas_capital: user
Joey
07/25/2024, 11:56 PMbusiness
, use an arrowJoey
07/25/2024, 11:57 PMhas_capital->access_capital
savour
07/26/2024, 12:00 AMJoey
07/26/2024, 12:10 AMsavour
07/26/2024, 12:12 AMassertTrue:
- business:foobar#has_capital@business:foobar#...
- capital:foobar#request@user:john#...
- capital:foobar#view@user:rose#...
our relationship
business:foobar#owner@user:john
business:foobar#has_capital@business:foobar
// Permission
business:foobar#book_keeper@user:rose
business:foobar#member@user:oli
//
capital:foobar#business@business:foobar
Joey
07/26/2024, 12:33 AMhas_capital: business
thenJoey
07/26/2024, 12:33 AMsavour
07/26/2024, 12:36 AMJoey
07/26/2024, 12:37 AMsavour
07/26/2024, 12:39 AMJoey
07/26/2024, 12:40 AMsavour
07/26/2024, 12:59 AM