naming conventions
# spicedb
Hi. Are there any good naming conventions for authorization parameters and data structures? Like a naming convention (to avoid bike shedding) for permissions, feature flags, + strategies for nesting/flat data structures etc in client-facing APIs. – I am currently working out how to represent my Spice DB schema in GraphQL for my UI (webapp client) to know what to display and/or mutate. Any link and/or quick two cents is appreciated. Thanks<3
What I've always done is: permissions get named with a verb, from the end user's point of view, e.g.
(on some container), etc relations get named with the actual relationship that the subject has to the resource, e.g. if you were to write a sentence "Jake is a reader of document ABC" to describe the relationship, the relation name would be
, they often end in
objects get the singular form of their type name, e.g.
synthetic relations (i.e. the permissions that get created to work around the lack of nested arrows) are named by converting the arrow to an underscore e.g.
permission parent_view = parent->view
nesting as a naming concept never really comes up outside of picking the relation name for the object under which an object is nested e.g.
relation parent: folder
relation folder: folder
for the relation to a nesting context
and that usually depends on whether you want to have polymorphic nesting contexts with a duck typed interface, e.g.
relation parent: folder | organization
and then
permission view = reader + parent->view
ah, this is great. thanks!