jimmyjames / fga-spring-examples

simple example demonstrating using FGA in a spring boot application

Auto OpenFGA Configuration #15

Closed Crain-32 closed 8 months ago

Crain-32 commented 8 months ago

Note: this branch is based on gh-14; I'll rebase it as needed until that PR is merged. It also resolves #5.

Adjustments to LoadFgaData to mirror Spring Data more closely, with the following flows (diagrams are overkill, but I don't often get excuses to use them):

Store ID and Authorization Model ID are set (Ideal Production Flow)

```mermaid
sequenceDiagram
  box Green Spring
  participant FgaProperties
  participant InitalizationBean
  end
  participant OpenFgaServer
  InitalizationBean->>FgaProperties: Get Store ID
  InitalizationBean->>OpenFgaServer: Validate Store ID
  break Invalid Store ID Response
    OpenFgaServer->>InitalizationBean: Throw Exception, Application Fails to load.
  end
  InitalizationBean->>FgaProperties: Get Authorization Model ID
  InitalizationBean->>OpenFgaServer: Validate Authorization Model ID
  break Invalid Authorization Model ID Response
    OpenFgaServer->>InitalizationBean: Throw Exception, Application Fails to load.
  end
```

Store ID Set with an unset Authorization Model ID (Development Flow)

```mermaid
sequenceDiagram
  box Green Application
  participant FgaProperties
  participant InitalizationBean
  end
  participant OpenFgaServer
  InitalizationBean->>FgaProperties: Get Store ID
  InitalizationBean->>OpenFgaServer: Validate Store ID
  break Invalid Store ID Response
    OpenFgaServer->>InitalizationBean: Throw Exception, Application Fails to load.
  end
  InitalizationBean->>FgaProperties: Sees unset Authorization Model ID
  InitalizationBean->>OpenFgaServer: Get Latest Authorization Model ID
  break Missing/Bad Authorization Model ID Response
    OpenFgaServer->>InitalizationBean: Throw Exception, Application Fails to load.
  end
  InitalizationBean->>FgaProperties: Sets Authorization Model ID
```

Unset Store with a set Store Name (Testing/Initial Development)

```mermaid
sequenceDiagram
  box Green Spring
  participant FgaProperties
  participant InitalizationBean
  end
  participant OpenFgaServer
  InitalizationBean->>FgaProperties: Sees unset Store ID
  InitalizationBean->>FgaProperties: Gets Store Name
  InitalizationBean->>OpenFgaServer: Create new Store
  break Failure to Create Store Response
    OpenFgaServer->>InitalizationBean: Throw Exception, Application Fails to load.
  end
  InitalizationBean->>FgaProperties: Sets new Store ID in Properties and SDK.
  InitalizationBean->>FgaProperties: Get Authorization Schema Location
  alt No Location Set in Properties
      FgaProperties->>InitalizationBean: Returns default location `classpath:/data/openfga-schema.json`
  end
  InitalizationBean->>OpenFgaServer: Create new Authorization Model
  break Failure to Create Authorization Model
    OpenFgaServer->>InitalizationBean: Throw Exception Application Fails to load.
  end
  InitalizationBean->>FgaProperties: Set new Authorization Model ID in Properties
  InitalizationBean->>FgaProperties: Get Relationship Tuple Locations
  alt No Location Set in Properties
    FgaProperties->>InitalizationBean: Returns default location `classpath:/data/openfga-tuple.json`
  end
  loop For each File
    InitalizationBean->>OpenFgaServer: Write new Relationship Tuple
  end
  break Fail to write Tuple
    OpenFgaServer->>InitalizationBean: Throw Exception, Application Fails to load.
  end
```

Some parts are messier than I'd like, but given how this section of the code needs to feel "Spring" like, I figured I'd leave them a little messy in case @rwinch has any specific feedback.

I opted for the ability to use multiple files for the Relationship tuples to give some freedom with regard to composing different things together in tests, and I've tested both the overridden and default locations in our Tests.
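
As an added illustration (not code from this PR or repository), the three startup flows described in the comment above can be sketched as one fail-fast routine. `FgaBackend`, `FgaProps` and `initialize` are hypothetical names, the backend is an in-memory fake rather than the OpenFGA SDK, and the check for a missing store name is an assumption the comment does not cover.

```java
import java.util.*;
// Hypothetical stand-ins: FgaBackend and FgaProps are not the OpenFGA SDK or this repo's classes.
public class FgaStartupFlows {
    interface FgaBackend {
        boolean storeExists(String storeId);
        boolean modelExists(String storeId, String modelId);
        Optional<String> latestModelId(String storeId);
        String createStore(String name);
        String writeModel(String storeId, String schemaLocation);
        void writeTuples(String storeId, String modelId, String tupleLocation);
    }
    static class FgaProps {
        String storeId, storeName, modelId;
        String schemaLocation = "classpath:/data/openfga-schema.json";
        List<String> tupleLocations = List.of("classpath:/data/openfga-tuple.json");
    }
    // Every failure throws, so the application fails to load rather than starting unverified.
    static void initialize(FgaProps p, FgaBackend fga) {
        if (p.storeId == null) { // testing / initial development flow
            if (p.storeName == null) throw new IllegalStateException("store id or store name required"); // assumed case
            p.storeId = fga.createStore(p.storeName);
            p.modelId = fga.writeModel(p.storeId, p.schemaLocation);
            for (String loc : p.tupleLocations) fga.writeTuples(p.storeId, p.modelId, loc);
            return;
        }
        if (!fga.storeExists(p.storeId)) throw new IllegalStateException("invalid store id");
        if (p.modelId == null) { // development flow: adopt the latest model
            p.modelId = fga.latestModelId(p.storeId)
                .orElseThrow(() -> new IllegalStateException("store has no authorization model"));
        } else if (!fga.modelExists(p.storeId, p.modelId)) { // production flow: pinned model
            throw new IllegalStateException("invalid authorization model id");
        }
    }
    public static void main(String[] args) {
        Map<String, List<String>> stores = new HashMap<>(); // constructed in-memory server state
        stores.put("store-1", new ArrayList<>(List.of("model-1", "model-2")));
        FgaBackend fake = new FgaBackend() {
            public boolean storeExists(String s) { return stores.containsKey(s); }
            public boolean modelExists(String s, String m) { return stores.get(s).contains(m); }
            public Optional<String> latestModelId(String s) { return stores.get(s).stream().reduce((a, b) -> b); }
            public String createStore(String n) { stores.put(n + "-id", new ArrayList<>()); return n + "-id"; }
            public String writeModel(String s, String loc) { stores.get(s).add("model-new"); return "model-new"; }
            public void writeTuples(String s, String m, String loc) { }
        };
        FgaProps dev = new FgaProps(); dev.storeId = "store-1"; initialize(dev, fake);
        System.out.println("development flow resolved model " + dev.modelId);
        FgaProps prod = new FgaProps(); prod.storeId = "store-1"; prod.modelId = "model-9";
        try { initialize(prod, fake); } catch (IllegalStateException e) { System.out.println("production flow: " + e.getMessage()); }
    }
}
```

Pinning both IDs, as in the production flow, means a model written to the store later is never picked up implicitly; the development flow trades that guarantee for convenience by adopting whatever model is latest at startup.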

jimmyjames commented 8 months ago

👋 hey @Crain-32, #14 has been merged, would you mind rebasing this PR so it's easier to see the diff? Thanks!

jimmyjames commented 8 months ago

Thanks for rebasing @Crain-32! I'll take a look this week 📆