Hi guys I need a quick review of my OPL I d like to know if Ory Community #ory-selfhosting

Hi, guys I need a quick review of my OPL. I'd like...

adorable-sandwich-72048

03/28/2025, 7:34 AM

Hi, guys I need a quick review of my OPL. I'd like to know if I modelled my case right. If OPL is not enough I'd share also some Node.js code that I used to insert relations.

Copy code

import { Context, Namespace } from "@ory/keto-namespace-types";

class OrganizationUnit implements Namespace {
  related: {
    direct_members: User[];
    group_members: Group[];
  };

  permits = {
    isMember: (ctx: Context): boolean =>
      this.related.direct_members.includes(ctx.subject) ||
      this.related.group_members.traverse((group) =>
        group.permits.isMember(ctx)
      ),
  };
}

class Group implements Namespace {
  related: {
    members: User[];
  };

  permits = {
    isMember: (ctx: Context): boolean =>
      this.related.members.includes(ctx.subject),
  };
}

class User implements Namespace {}

class Resource implements Namespace {
  related: {
    viewers: OrganizationUnit[];
    contributors: OrganizationUnit[];
  };

  permits = {
    view: (ctx: Context): boolean =>
      this.related.viewers.traverse((ou) => ou.permits.isMember(ctx)),
    edit: (ctx: Context): boolean =>
      this.related.contributors.traverse((ou) => ou.permits.isMember(ctx)),
  };
}
class ResourceType implements Namespace {
  related: {
    resources: Resource[];
  };
}

adorable-sandwich-72048

03/28/2025, 7:36 AM

Basically I'm trying to organize users into Groups and OrganizationUnits and later assign them to Resources. I'd like to check whether user has view or edit ~~relation~~ permission based on which Org he's in. Is it possible in Keto now?

Open in Slack

Previous Next