-
Notifications
You must be signed in to change notification settings - Fork 123
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Possibility to use numbers in relations and permissions #617
Comments
Hi @riba1979, you should be able to create relation tuples with alphanumeric characters. Are you trying to use numbers in the schema ? If that so I'd love to understand the use case in more depth to make a comment. Could you send your model/schema ? |
Hi, entity user {}
entity organization {
relation WSO2_manage @user
relation administrator @user
relation consulting @user
relation editor @user
permission p_view_resource_14050 = editor or consulting
permission p_create_WSO2_API = WSO2_manage
} |
Hi @riba1979, thanks for sharing the schema. Defining permissions associated with specific resources can create bottlenecks and hinder the scalability of authorization in the future because you'll need dozens of roles, each created for a specific resource, which leads to the role explosion problem. Furthermore, this approach won't work with the current Permify workflow. My suggestion here is to attempt a more finely-grained schema and then create relationships between the resources by associating them using relation tuples. I'm not sure if the following schema covers the one you sent me, but it will give you an idea of the suggested way to structure resources and entities.
Then you can create following tuples to form relationships between entities;
This way, you basically prevent permission explosion and shift the burden to the relation tuples. I'm interested in hearing your thoughts on this. I'd also love to learn more details about your migration process, so please feel free to schedule a call to discuss. |
Is your feature request related to a problem? Please describe.
I'm trying to migrate roles and permissions from a legacy system. The problem is that the system has roles/permissions with names made up of numbers (for example: "departament_5005") and when I try to create a schema, I get the error "Error: 4:20:expected next token to be SIGN, got ILLEGAL instead".
Describe the solution you'd like
I would like to be able to use numbers in both relations and permissions.
Describe alternatives you've considered
Additional context
The text was updated successfully, but these errors were encountered: