https://authzed.com logo
Hi there
c

Clem

03/16/2023, 9:19 AM
Hi there, I'm trying to work my way through recursive relations and can't make something work... Here's some sample playground: https://play.authzed.com/s/jKXWgTX2ANOe A user can have a manager, recursively. There is some calendar, who has an owner, and I want the manager of the owner to be able to create_event, delete_event and view the calendar. I've created an user software_engineer who have a manager first_line_manager who also have a manager director. Given the following schema and the test relationships, I would expect the director to be able to create_event, delete_event and view the calendar of the software_engineer. This is not the case in the expected relations, but in the assertions the following assertions ""calendar:software_engineer_calendar#create_event@user:director"" is true. (BTW an assertion with a non existing user in test relations is also true so I must have misunderstood something about assertions). What am I missing ?
v

vroldanbet

03/16/2023, 11:09 AM
I think you are missing the recursion in the manage permission (I've taken the liberty to rename your permission to a verb as it is more idiomatic)
definition user {
    relation manager: user
    permission manage = manager + manager->manage
}
c

Clem

03/16/2023, 12:27 PM
@vroldanbet awesome thanks !
Is there some recommendation for naming permission (apart from using verbs)
v

vroldanbet

03/16/2023, 12:35 PM
verb is the usual covention
c

Clem

03/16/2023, 12:37 PM
Thanks