johanrd
05/06/2024, 12:34 PMJake
05/06/2024, 2:27 PMview
, delete
, create_user
(on some container), etc
relations get named with the actual relationship that the subject has to the resource, e.g. if you were to write a sentence "Jake is a reader of document ABC" to describe the relationship, the relation name would be reader
, they often end in -er
objects get the singular form of their type name, e.g. user
, document
, folder
synthetic relations (i.e. the permissions that get created to work around the lack of nested arrows) are named by converting the arrow to an underscore e.g. permission parent_view = parent->view
Jake
05/06/2024, 2:29 PMrelation parent: folder
or relation folder: folder
for the relation to a nesting contextJake
05/06/2024, 2:30 PMrelation parent: folder | organization
and then permission view = reader + parent->view
johanrd
05/06/2024, 6:51 PM