Hi there,
I'm trying to work my way through recursive relations and can't make something work...
Here's some sample playground: https://play.authzed.com/s/jKXWgTX2ANOe
A user can have a manager, recursively.
There is some calendar, who has an owner, and I want the manager of the owner to be able to create_event, delete_event and view the calendar.
I've created an user software_engineer who have a manager first_line_manager who also have a manager director.
Given the following schema and the test relationships, I would expect the director to be able to create_event, delete_event and view the calendar of the software_engineer.
This is not the case in the expected relations, but in the assertions the following assertions ""calendar:software_engineer_calendar#create_event@user:director"" is true.
(BTW an assertion with a non existing user in test relations is also true so I must have misunderstood something about assertions).
What am I missing ?
v
vroldanbet
03/16/2023, 11:09 AM
I think you are missing the recursion in the manage permission (I've taken the liberty to rename your permission to a verb as it is more idiomatic)
definition user {
relation manager: user
permission manage = manager + manager->manage
}
c
Clem
03/16/2023, 12:27 PM
@vroldanbet awesome thanks !
Is there some recommendation for naming permission (apart from using verbs)