Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: bulk permission check api is added #1681

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

feat: bulk permission check api is added #1681

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
e134d1d
feat: bulk permission check api added
ucatbas Oct 10, 2024
7e96e31
chore: removed prints
ucatbas Oct 10, 2024
bb25aa7
feat: used bulkchecker
ucatbas Oct 14, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
145 changes: 145 additions & 0 deletions docs/api-reference/apidocs.swagger.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -651,6 +651,64 @@
]
}
},
"/v1/tenants/{tenant_id}/permissions/bulk-check": {
"post": {
"summary": "Bulk check permissions",
"description": "Checks multiple permissions for specified subjects on specified entities.",
"operationId": "permissions.bulkCheck",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/BulkPermissionCheckResponse"
}
},
"default": {
"description": "An unexpected error response.",
"schema": {
"$ref": "#/definitions/Status"
}
}
},
"parameters": [
{
"name": "tenant_id",
"description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
"in": "path",
"required": true,
"type": "string"
},
{
"name": "body",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/BulkCheckBody"
}
}
],
"tags": [
"Permission"
],
"x-codeSamples": [
{
"label": "go",
"lang": "go",
"source": ""
},
{
"label": "node",
"lang": "javascript",
"source": ""
},
{
"label": "cURL",
"lang": "curl",
"source": ""
}
]
}
},
"/v1/tenants/{tenant_id}/permissions/check": {
"post": {
"summary": "check api",
Expand Down Expand Up @@ -1479,6 +1537,34 @@
"default": "ATTRIBUTE_TYPE_UNSPECIFIED",
"description": "Enumerates the types of attribute.\n\n - ATTRIBUTE_TYPE_UNSPECIFIED: Not specified attribute type. This is the default value.\n - ATTRIBUTE_TYPE_BOOLEAN: A boolean attribute type.\n - ATTRIBUTE_TYPE_BOOLEAN_ARRAY: A boolean array attribute type.\n - ATTRIBUTE_TYPE_STRING: A string attribute type.\n - ATTRIBUTE_TYPE_STRING_ARRAY: A string array attribute type.\n - ATTRIBUTE_TYPE_INTEGER: An integer attribute type.\n - ATTRIBUTE_TYPE_INTEGER_ARRAY: An integer array attribute type.\n - ATTRIBUTE_TYPE_DOUBLE: A double attribute type.\n - ATTRIBUTE_TYPE_DOUBLE_ARRAY: A double array attribute type."
},
"BulkCheckBody": {
"type": "object",
"properties": {
"checks": {
"type": "array",
"items": {
"type": "object",
"$ref": "#/definitions/SinglePermissionCheck"
},
"description": "A list of permission checks to perform, required."
}
},
"description": "BulkPermissionCheckRequest is the request message for the BulkCheck method in the Permission service."
},
"BulkPermissionCheckResponse": {
"type": "object",
"properties": {
"results": {
"type": "array",
"items": {
"type": "object",
"$ref": "#/definitions/SinglePermissionCheckResponse"
},
"description": "A list of results for each permission check performed."
}
},
"description": "BulkPermissionCheckResponse is the response message for the BulkCheck method in the Permission service."
},
"Bundle.DeleteBody": {
"type": "object",
"properties": {
Expand Down Expand Up @@ -3037,6 +3123,65 @@
},
"description": "A field selection expression. e.g. `request.auth`."
},
"SinglePermissionCheck": {
"type": "object",
"properties": {
"index": {
"type": "integer",
"format": "int32",
"description": "The index of this permission check in the bulk request. Required."
},
"metadata": {
"$ref": "#/definitions/PermissionCheckRequestMetadata",
"description": "Metadata associated with this request, required."
},
"entity": {
"$ref": "#/definitions/Entity",
"example": "repository:1",
"description": "Entity on which the permission needs to be checked, required."
},
"permission": {
"type": "string",
"description": "The action the user wants to perform on the resource"
},
"subject": {
"$ref": "#/definitions/Subject",
"description": "Subject for which the permission needs to be checked, required."
},
"context": {
"$ref": "#/definitions/Context",
"description": "Contextual data that can be dynamically added to permission check requests. See details on [Contextual Data](../../operations/contextual-tuples)"
},
"arguments": {
"type": "array",
"items": {
"type": "object",
"$ref": "#/definitions/Argument"
},
"description": "Additional arguments associated with this request."
}
},
"description": "PermissionCheck defines a single permission check within a bulk request."
},
"SinglePermissionCheckResponse": {
"type": "object",
"properties": {
"index": {
"type": "integer",
"format": "int32",
"description": "The index of this permission check in the bulk response."
},
"can": {
"$ref": "#/definitions/CheckResult",
"description": "Result of the permission check."
},
"metadata": {
"$ref": "#/definitions/PermissionCheckResponseMetadata",
"description": "Metadata associated with this response."
}
},
"description": "SinglePermissionCheckResponse is the response message for the Check method in the Permission service."
},
"SourceInfo": {
"type": "object",
"properties": {
Expand Down
145 changes: 145 additions & 0 deletions docs/api-reference/openapiv2/apidocs.swagger.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -651,6 +651,64 @@
]
}
},
"/v1/tenants/{tenant_id}/permissions/bulk-check": {
"post": {
"summary": "Bulk check permissions",
"description": "Checks multiple permissions for specified subjects on specified entities.",
"operationId": "permissions.bulkCheck",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/BulkPermissionCheckResponse"
}
},
"default": {
"description": "An unexpected error response.",
"schema": {
"$ref": "#/definitions/Status"
}
}
},
"parameters": [
{
"name": "tenant_id",
"description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
"in": "path",
"required": true,
"type": "string"
},
{
"name": "body",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/BulkCheckBody"
}
}
],
"tags": [
"Permission"
],
"x-codeSamples": [
{
"label": "go",
"lang": "go",
"source": ""
},
{
"label": "node",
"lang": "javascript",
"source": ""
},
{
"label": "cURL",
"lang": "curl",
"source": ""
}
]
}
},
"/v1/tenants/{tenant_id}/permissions/check": {
"post": {
"summary": "check api",
Expand Down Expand Up @@ -1477,6 +1535,34 @@
],
"description": "Enumerates the types of attribute.\n\n - ATTRIBUTE_TYPE_BOOLEAN: A boolean attribute type.\n - ATTRIBUTE_TYPE_BOOLEAN_ARRAY: A boolean array attribute type.\n - ATTRIBUTE_TYPE_STRING: A string attribute type.\n - ATTRIBUTE_TYPE_STRING_ARRAY: A string array attribute type.\n - ATTRIBUTE_TYPE_INTEGER: An integer attribute type.\n - ATTRIBUTE_TYPE_INTEGER_ARRAY: An integer array attribute type.\n - ATTRIBUTE_TYPE_DOUBLE: A double attribute type.\n - ATTRIBUTE_TYPE_DOUBLE_ARRAY: A double array attribute type."
},
"BulkCheckBody": {
"type": "object",
"properties": {
"checks": {
"type": "array",
"items": {
"type": "object",
"$ref": "#/definitions/SinglePermissionCheck"
},
"description": "A list of permission checks to perform, required."
}
},
"description": "BulkPermissionCheckRequest is the request message for the BulkCheck method in the Permission service."
},
"BulkPermissionCheckResponse": {
"type": "object",
"properties": {
"results": {
"type": "array",
"items": {
"type": "object",
"$ref": "#/definitions/SinglePermissionCheckResponse"
},
"description": "A list of results for each permission check performed."
}
},
"description": "BulkPermissionCheckResponse is the response message for the BulkCheck method in the Permission service."
},
"Bundle.DeleteBody": {
"type": "object",
"properties": {
Expand Down Expand Up @@ -3017,6 +3103,65 @@
},
"description": "A field selection expression. e.g. `request.auth`."
},
"SinglePermissionCheck": {
"type": "object",
"properties": {
"index": {
"type": "integer",
"format": "int32",
"description": "The index of this permission check in the bulk request. Required."
},
"metadata": {
"$ref": "#/definitions/PermissionCheckRequestMetadata",
"description": "Metadata associated with this request, required."
},
"entity": {
"$ref": "#/definitions/Entity",
"example": "repository:1",
"description": "Entity on which the permission needs to be checked, required."
},
"permission": {
"type": "string",
"description": "The action the user wants to perform on the resource"
},
"subject": {
"$ref": "#/definitions/Subject",
"description": "Subject for which the permission needs to be checked, required."
},
"context": {
"$ref": "#/definitions/Context",
"description": "Contextual data that can be dynamically added to permission check requests. See details on [Contextual Data](../../operations/contextual-tuples)"
},
"arguments": {
"type": "array",
"items": {
"type": "object",
"$ref": "#/definitions/Argument"
},
"description": "Additional arguments associated with this request."
}
},
"description": "PermissionCheck defines a single permission check within a bulk request."
},
"SinglePermissionCheckResponse": {
"type": "object",
"properties": {
"index": {
"type": "integer",
"format": "int32",
"description": "The index of this permission check in the bulk response."
},
"can": {
"$ref": "#/definitions/CheckResult",
"description": "Result of the permission check."
},
"metadata": {
"$ref": "#/definitions/PermissionCheckResponseMetadata",
"description": "Metadata associated with this response."
}
},
"description": "SinglePermissionCheckResponse is the response message for the Check method in the Permission service."
},
"SourceInfo": {
"type": "object",
"properties": {
Expand Down
2 changes: 1 addition & 1 deletion integration-test/specific/health_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ var _ = Describe("health-test", func() {
Context("Health", func() {
It("Health: Success", func() {
// Set up a connection to the server.
conn, err := grpc.DialContext(context.Background(), "permify:3478", grpc.WithTransportCredentials(insecure.NewCredentials()))
conn, err := grpc.DialContext(context.Background(), "localhost:3478", grpc.WithTransportCredentials(insecure.NewCredentials()))
if err != nil {
Expect(err).ShouldNot(HaveOccurred())
}
Expand Down
Loading