tartignolle
08/25/2022, 3:36 PMdefinition user {}
definition resource_group {
relation reader: user
permission read = reader
}
definition resource {
relation reader: user
relation writer: user
relation parent: resource_group | resource
permission read = reader + writer + parent->read
permission write = reader
}
I create the following relations
relationship("resource:F1#reader@user:U1"),
relationship("resource:F2#reader@user:U2"),
relationship("resource:F1#parent@resource_group:G1"),
relationship("resource_group:G1#reader@user:U1")
I delete this relation:
relationship("resource:F1#parent@resource_group:G1")
I receive the following result from the Watch API:
watchResponse {
updates [{
operation = 3
relationship = {
objectType = "resource"
objectId = "F1"
}
relation = "parent"
subject = {
object = {
objectType = "resource_group"
objectId = "G1"
}
optionalRelation = ""
}
I'd then expect to call the LookupSubject API with something like this:
LookupSubjectsRequest {
ObjectReference: {
ObjectType: resource_group,
ObjectId: G1,
},
permission: ???
}
Pb is the permission value
Thanks !