UNPKG

@schoolai/spicedb-zed-schema-parser

Version:

SpiceDB .zed file format parser and analyzer written in Typescript

github.com/SchoolAI/spicedb-zed-schema-parser

SchoolAI/spicedb-zed-schema-parser

107 lines (92 loc) 2.83 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
import { v1 } from '@authzed/authzed-node' import { Operation, parseReference, SpiceDBClient } from './types' /** * Base class for operations that write relationships */ export class WriteOperation implements Operation<string | null> { protected subjects: string[] = [] protected resources: string[] = [] protected consistency?: v1.Consistency constructor( protected operation: 'grant' | 'revoke', protected relation: string, ) {} subject(ref: string | string[]): this { this.subjects = Array.isArray(ref) ? ref : [ref] return this } resource(ref: string | string[]): this { this.resources = Array.isArray(ref) ? ref : [ref] return this } withConsistency(token: string): this { this.consistency = v1.Consistency.create({ requirement: { oneofKind: 'atLeastAsFresh', atLeastAsFresh: v1.ZedToken.create({ token }), }, }) return this } async execute(client: SpiceDBClient): Promise<string | null> { const updates: v1.RelationshipUpdate[] = [] for (const subjectRef of this.subjects) { for (const resourceRef of this.resources) { const [subjectType, subjectId] = parseReference(subjectRef) const [resourceType, resourceId] = parseReference(resourceRef) const relationship = v1.Relationship.create({ resource: v1.ObjectReference.create({ objectType: resourceType, objectId: resourceId, }), relation: this.relation, subject: v1.SubjectReference.create({ object: v1.ObjectReference.create({ objectType: subjectType, objectId: subjectId, }), }), }) updates.push( v1.RelationshipUpdate.create({ relationship, operation: this.operation === 'grant' ? v1.RelationshipUpdate_Operation.TOUCH : v1.RelationshipUpdate_Operation.DELETE, }), ) } } const request = v1.WriteRelationshipsRequest.create({ updates }) const response = await client.writeRelationships(request) return response.writtenAt?.token || null } /** * Convert to a plain object for serialization */ toJSON() { return { operation: this.operation, relation: this.relation, subjects: this.subjects, resources: this.resources, consistency: this.consistency, } } } /** * Bound version of WriteOperation with immediate execute */ export class BoundWriteOperation extends WriteOperation { constructor( private client: SpiceDBClient, operation: 'grant' | 'revoke', relation: string, ) { super(operation, relation) } async execute(): Promise<string | null> { return super.execute(this.client) } }