Joey
11/18/2022, 11:21 PMJoey
11/18/2022, 11:22 PMethanlew
11/18/2022, 11:23 PMJoey
11/18/2022, 11:25 PMJoey
11/18/2022, 11:26 PMdefinition user {}
caveat allowed_ip(user_ip ipaddress, allowed_ip_range string) {
user_ip.in_cidr(allowed_ip_range)
}
definition document {
relation reader: user with allowed_ip
permission view = reader
}
Joey
11/18/2022, 11:26 PMJoey
11/18/2022, 11:26 PMJoey
11/18/2022, 11:26 PMJoey
11/18/2022, 11:27 PMCREATE document:firstdoc reader user:ethan[allowed_ip:{allowed_ip_range:"1.2.3.0"}]
Joey
11/18/2022, 11:27 PMuser:ethan
is always gated on that allowed IP rangeJoey
11/18/2022, 11:28 PMCheckPermission
time, you'd have to specify user_ip
(the user's current IP); if you don't, you'd get back a PERMISSIONSHIP_CONDITIONAL_PERMISSION
Joey
11/18/2022, 11:28 PMuser:ethan
has access without the current IPPerseus
11/19/2022, 6:14 AM{
"type": "Error",
"message": "2 UNKNOWN: unable to find revision: ERROR: column \"id\" does not exist (SQLSTATE 42703)",
"stack": ...
}
It seems to happen at random, and might go away if I make the same call again. I'm running spicedb with the operatorJoey
11/19/2022, 7:31 AMPerseus
11/19/2022, 7:48 AMJoey
11/19/2022, 8:04 AMJoey
11/19/2022, 8:04 AMSingha1
11/20/2022, 11:29 AMSingha1
11/20/2022, 6:31 PMbigzofsg
11/20/2022, 7:10 PMbigzofsg
11/20/2022, 7:11 PMbigzofsg
11/20/2022, 7:16 PMIgor.Shmukler
11/20/2022, 9:04 PMzed relationship create organization:1 owner user:2
zed relationship create event:1 organization organization:1
Only, except for the records that I want seeded [dummy test data], instead of zed
, which is CLI tool, I use the SpiceDB API.Joey
11/20/2022, 9:07 PMJoey
11/20/2022, 9:08 PMSingha1
11/20/2022, 9:11 PMJoey
11/20/2022, 9:12 PMJoey
11/20/2022, 9:12 PMSingha1
11/20/2022, 9:16 PMJoey
11/20/2022, 9:23 PM