Joey
11/21/2022, 6:31 PMSingha1
11/21/2022, 6:48 PMJoey
11/21/2022, 6:49 PMSingha1
11/21/2022, 6:50 PMJoey
11/21/2022, 6:51 PMSingha1
11/21/2022, 6:52 PMJoey
11/21/2022, 6:59 PMSingha1
11/21/2022, 7:00 PMJoey
11/21/2022, 7:05 PMtrue
on the enable caveatsSPICEDB_EXPERIMENT_ENABLE_CAVEATS: true
Singha1
11/21/2022, 7:07 PMJoey
11/21/2022, 7:13 PMSingha1
11/21/2022, 7:14 PMJoey
11/21/2022, 7:15 PMSingha1
11/21/2022, 7:47 PMJoey
11/21/2022, 8:05 PMSingha1
11/21/2022, 8:21 PM{
"updates": [
{
"operation": "OPERATION_TOUCH",
"relationship": {
"resource": {
"objectType": "resource",
"objectId": "topsecret1"
},
"relation": "viewer",
"subject": {
"object": {
"objectType": "user",
"objectId": "Romil"
}
},
"OptionalCaveat": {
"CaveatName": "ip_allowlist",
"Context": {
"cidr": "1.2.3.0"
}
}
}
}
]
}
{
"consistency": {
"minimizeLatency": true
},
"resource": {
"objectType": "resource",
"objectId": "topsecret1"
},
"permission": "view",
"subject": {
"object": {
"objectType": "user",
"objectId": "Romil"
}
},
"Context": {
"cidr": "7.2.3.0"
}
}
Joey
11/21/2022, 8:22 PMOptionalCaveat
needs to be optional_caveat
Singha1
11/21/2022, 8:22 PMJoey
11/21/2022, 8:22 PMrelation viewer: user | user with ip_allowlist
relation viewer: user with ip_allowlist