<@U04UQ68083H> ory keto
Please help me update my c...
# ory-copilots
square-napkin-92357
06/27/2025, 9:16 AM@chilly-king-10285 ory keto
Please help me update my codes, I have some requirements:
• A have a table “dashboard” with many records: dashboard_id1, dashboard_id2,…
• A have many users, a user can be an owner of a dashboard (dashboard_id1), a user can be a viewer, a user can be a editor, owner also is an editor, user can view dashboard => this means user can view dashboard_id1, dashboard_id2
Copy code
class User implements Namespace {
related: {
editors: User[]
viewers: User[]
owners: User[]
}
}
class Dashboard implements Namespace {
related: {
members: (User | Dashboard)[]
}
}
class DashboardInstance implements Namespace {
related: {
parents: Dashboard[]
viewers: (User | SubjectSet<Dashboard, "members">)[]
owners: (User | SubjectSet<Dashboard, "members">)[]
editors: (User | SubjectSet<Dashboard, "members">)[]
}
permits = {
view: (ctx: Context): boolean =>
this.related.parents.traverse((p) =>
p.related.viewers.includes(ctx.subject),
) ||
this.related.viewers.includes(ctx.subject) ||
this.related.owners.includes(ctx.subject),
edit: (ctx: Context): boolean => this.related.editors.includes(ctx.subject),
}
}b
brief-egg-61061
06/27/2025, 9:16 AMA message from kapa.ai
brief-egg-61061
06/27/2025, 9:16 AMBased on your requirements and the Ory Keto Permission Language (OPL) best practices, here’s how you can update your code: ### Requirements Recap - You have a
dashboard Copy code
typescript import { Namespace, Context, SubjectSet } from "@ory/keto-namespace-types" class User implements Namespace {} class Dashboard implements Namespace { related: { owners: User[] editors: User[] viewers: User[] parents: Dashboard[] } permits = { // Owners are also editors, editors are also viewers view: (ctx: Context): boolean => this.related.viewers.includes(ctx.subject) || this.permits.edit(ctx) || this.related.parents.traverse((parent) => parent.permits.view(ctx)), edit: (ctx: Context): boolean => this.related.editors.includes(ctx.subject) || this.permits.own(ctx), own: (ctx: Context): boolean => this.related.owners.includes(ctx.subject), } } class DashboardInstance implements Namespace { related: { parents: Dashboard[] viewers: (User | SubjectSet<Dashboard, "viewers">)[] editors: (User | SubjectSet<Dashboard, "editors">)[] owners: (User | SubjectSet<Dashboard, "owners">)[] } permits = { // Inherit view permission from parent dashboard view: (ctx: Context): boolean => this.related.viewers.includes(ctx.subject) || this.permits.edit(ctx) || this.related.parents.traverse((parent) => parent.permits.view(ctx)), edit: (ctx: Context): boolean => this.related.editors.includes(ctx.subject) || this.permits.own(ctx), own: (ctx: Context): boolean => this.related.owners.includes(ctx.subject), } }ownerseditorsviewersthis.permits.edit(ctx)this.permits.own(ctx).traverseSubjectSet<Dashboard, "viewers">s
square-napkin-92357
06/27/2025, 9:22 AM@chilly-king-10285 all codes in permission.ts
i am using ory keto on docker compose, how can i add this file into ory keto
b
brief-egg-61061
06/27/2025, 9:22 AMA message from kapa.ai
brief-egg-61061
06/27/2025, 9:22 AMTo use your
permission.ts.tspermission.ts Copy code
sh ory get permission-config --project <project-id> --workspace <workspace-id> --format yaml > permission-config.yamlpermission-config.yamldocker-compose.yml Copy code
yaml services: keto: image: oryd/keto:<version> volumes: - ./permission-config.yaml:/etc/config/permission-config.yaml command: - serve - --config - /etc/config/permission-config.yaml.tss
square-napkin-92357
06/27/2025, 10:07 AM@chilly-king-10285 please give me an api to get list identities
b
brief-egg-61061
06/27/2025, 10:07 AMA message from kapa.ai
brief-egg-61061
06/27/2025, 10:07 AMTo get a list of identities in Ory, you can use the following API endpoint:
Copy code
GET /admin/identitiesstrongeventualpasswordoidc Copy code
GET /admin/identities?page_size=100&consistency=eventual