toby357
11/22/2021, 2:52 AMtoby357
11/22/2021, 2:53 AMJoey
11/22/2021, 2:53 AMJoey
11/22/2021, 2:53 AMJoey
11/22/2021, 2:54 AMdefinition user {}
definition vendor {
relation viewer: user
}
definition tenant {
relation parent_vendor: vendor
relation viewer: user
permission view = viewer + parent_vendor->viewer
}
Joey
11/22/2021, 2:54 AMviewer
on the tenant
or the vendor
, they can view
the tenanttoby357
11/22/2021, 2:54 AMtoby357
11/22/2021, 2:57 AMdefinition user {}
definition vendor {
relation viewer: user
relation parent_tenant: tenant
permission view: viewer + parent_tenant->viewer + parent_tenant->vendor_view
}
definition tenant {
relation viewer: user
permission view = viewer
permission vendor_view: user
}
toby357
11/22/2021, 2:58 AMJoey
11/22/2021, 2:58 AMrelation
can't have an expressiontoby357
11/22/2021, 2:58 AMJoey
11/22/2021, 2:58 AMpermission view = viewer + parent_tenant->viewer
?Joey
11/22/2021, 2:59 AMpermission vendor_view: user
to do?Joey
11/22/2021, 2:59 AMrelation
)toby357
11/22/2021, 2:59 AMJoey
11/22/2021, 3:00 AMtoby357
11/22/2021, 3:00 AMJoey
11/22/2021, 3:00 AMJoey
11/22/2021, 3:00 AMtoby357
11/22/2021, 3:01 AMtoby357
11/22/2021, 3:02 AMJoey
11/22/2021, 3:02 AMJoey
11/22/2021, 3:02 AMpermission view = viewer + parent_tenant->admin
or somesuchJoey
11/22/2021, 3:03 AMJoey
11/22/2021, 3:03 AMJoey
11/22/2021, 3:03 AMJoey
11/22/2021, 3:03 AMpermission view = viewer + admin + parent_tenant->admin
Joey
11/22/2021, 3:03 AMtoby357
11/22/2021, 3:04 AMJoey
11/22/2021, 3:04 AM