connor
06/23/2022, 6:34 PMguiber
06/26/2022, 6:27 PMAndy
06/27/2022, 5:03 PMAndy
06/27/2022, 5:05 PMAndy
06/27/2022, 5:16 PMdefinition user {}
definition workspace {
relation owner: user
relation editor: user
relation reader: user
permission read: owner + editor + reader
permission write: owner
}
definition project {
relation workspace: workspace // Removed the namespace
relation reader: user
relation writer: user
permission read: reader + writer + workspace->editor + workspace->owner
permission write: writer + workspace->editor + workspace->owner
permission invite_viewer: workspace->owner + workspace->editor
}
Andy
06/27/2022, 5:17 PMAndy
06/27/2022, 5:29 PMJake
06/27/2022, 5:31 PMLookupSubjects
API which is currently in proposalJake
06/27/2022, 5:31 PMJake
06/27/2022, 5:31 PMExpandPermissionTree
and recursively re-expand where necessary to get all the way to your user typeAndy
06/27/2022, 5:33 PMAndy
06/27/2022, 5:35 PMJake
06/27/2022, 5:40 PMJake
06/27/2022, 5:41 PMAndy
06/27/2022, 5:42 PMAndy
06/27/2022, 5:43 PMconnor
06/27/2022, 5:55 PMJoey
06/27/2022, 5:56 PMJoey
06/27/2022, 5:56 PMpermission
in the downstream definition(s)Joey
06/27/2022, 5:56 PMconnor
06/27/2022, 5:56 PMconnor
06/27/2022, 5:57 PMapplication->view_all
I believeJoey
06/27/2022, 5:58 PMJoey
06/27/2022, 5:58 PMtoken->app_view_all
and then do permission app_view_all = application->view_all
in the tokenconnor
06/27/2022, 5:58 PMJoey
06/27/2022, 5:59 PMconnor
06/27/2022, 5:59 PMguiber
06/27/2022, 7:49 PMAndy
06/27/2022, 8:50 PMJoey
06/27/2022, 8:51 PM