Am I correct in assuming reverse permission lookup...
# talk-ketob
bored-agency-21522
06/29/2023, 3:07 PMAm I correct in assuming reverse permission lookup is still not implemented and I need to iterate over all objects? 🤯
bored-agency-21522
06/29/2023, 3:09 PMFor the following OPL I want to get all the workspaces a user has access to either as a user or owner:
Copy code
import {
Namespace,
Context,
} from "@ory/permission-namespace-types";
class User implements Namespace {}
class Workspace implements Namespace {
related: {
owners: User[];
users: User[];
}
permits = {
// all users that are owners or users of this workspace can access it
view: (ctx: Context): boolean =>
this.related.users.includes(ctx.subject) ||
this.related.owners.includes(ctx.subject),
}
}
class Unit implements Namespace {
related: {
// the unit is only owned by one workspace, but all relations are many-to-many in keto
workspaces: Workspace[];
users: User[];
}
permits = {
// all workspace owners and users can view this unit
view: (ctx: Context): boolean =>
this.related.workspaces.traverse((w) =>
w.related.owners.includes(ctx.subject)
) || this.related.users.includes(ctx.subject),
}
}bored-agency-21522
06/29/2023, 3:36 PMp
purple-match-65245
07/06/2023, 4:48 PMTo be clear, you need to use the
Query relationshipsb
bored-agency-21522
07/06/2023, 4:52 PMI‘m not sure to be honest, but for my example that was enough as neither workspace nor unit are recursive.
p
purple-match-65245
07/06/2023, 4:54 PMRight, that makes sense in your example. I have a few levels of relationship and seems I need an API call for each one.
b
bored-agency-21522
07/06/2023, 4:56 PMThat’s interesting! Thank you for sharing that detail 🤝 will keep that in mind
29 Views