https://www.ory.sh/ logo
Join Slack
Powered by
Ok I found this issue which exists for this proble...
# talk-keto
a
Ok I found this issue which exists for this problem https://github.com/ory/keto/issues/1131 so it seems like a legit bug
I think in it would be good for Ory to mark OPL and permits as unfinished/experimental. My experience adopting Keto in my organization would be a lot better if the documentation told me to avoid those parts and only use relations.
w
I've actually got some code that, at least initially, fixes this issue.
a
Thanks, no hurry I can get by just using relations.
w
it will require quite a bit of rework on ory's part.
my tinkering with it is unlikely to impress them. the gist of what i did was refactor (slightly) their parser and refactored the TupleToSubjectSet to support nesting (with the relevant namespacing)
this also required a change in the check logic to support the nested TupleToSubjectSet traversal.
incidentally, this branch also includes my PR for bug #1204 (support 
this == ctx.subject)
if you're keen on tinkering with the branch i posted I can provide you with a keto.yml as well as a namespace OPL that I've been testing with. (as well as a json for populating the tuples)
b
Sorry guys, but are there any statement from ORY if this is really a bug? cuz I probably have the same issue with Erik and that PR is a year old and still open
w
I'm not sure if it's a high enough priority. I've just finished a refactor of the parser to "fix" nested expressions. I've gotten arbitrary depth traversals working on the parsing side as well as the "checks" side. My branch above has the parsing rework. The gist is: I updated the parser from the rigid handling of 
traverse
, 
includes
, and 
permits
to what (imo) handles each traversal as a frame and processes includes/permits as well as nested traversals correctly.
I just got the rework working yesterday so I have not yet updated the tests to add new cases for nested traversals but all of the current tests pass.
7 Views
Open in Slack
PreviousNext
Powered by