we'd be thrilled to have the contribution

if you have any questions about how to develop the schema, feel free to ask here

if you'd like 1-on-1 help with it, we also can schedule a schema design session

https://docs.authzed.com/reference/schema-lang#common-patterns is a good reference for some common patterns found in schemas

and we have https://authzed.com/blog/build-you-a-google-groups/ which has a video and article about how to model Google Groups-like permissions, which have a bunch of patterns

That would be a big help! Thanks @User! I'll have a deeper look into SpiceDB and update you on my findings

sounds good!

i have a schema like so

definition group {
    relation user: user
    relation parent: group
    permission member= user + parent
    
}
definition process {
    relation parent: process
    relation reader : user | group#member
    relation organization: organization
    relation writer: user | group#member
    relation property : property
    relation has_child : process
    relation deny_reader: user | group#member
    permission read = (reader + parent-> read + organization-> read) - deny_reader
    permission write = writer + parent-> write + organization-> write


}
definition user {}

I'm trying to write the relationship process:1#reader@group:1#member through the GRPC endpoint I however can't find the correct notation for the Subject/SubjectReference I've tried SubjectId: 1#member SubjectType:group ObjectId: 1 objectType: process relation: reader This however gives an error "subject group:1#member is not allowed for the resource process:1" What would be the correct subjectreference to create the relationship?

organizations and properties are left out for brevity

Object is the left hand side of relationships

And

member

becomes the optional subject relation part of the subject reference

indeed, the resource basically

so my ObjectReference/Resource = objectid:1,objecttype:process, and i'm trying to write Subject(Another objectreference) as object(subject)id: 1#member, objecttype: group

I'm sorry, I see now in the initial message i inverted the two

Corrected

I however have no idea how to write the optional subject relation

it's a separate property on subject reference

oh wow

Somehow my generated code decided to skip that property

I'm so sorry!

you're generating your own protos?

I'm indeed generating the contracts seperately, (I'm using .NET 6 with protobuf-net)

Sorry for the inconvenience, small oversight :/

we can work on getting a .NET library generated in the

authzed

github namespace, or we can take what you've done as a starting point, what do you think?

I'll see if I can free some time to create a project and a PR for that, will be in touch then

AFAIK there are two main ways to work with grpc in .NET, through unmanaged bindings and through protobuf-net.GRPC (managed)

I personally prefer the latter but can image others wanting to work with the former

So perhaps I'll make two libraries

Fixed and it's working now Thanks a lot