nidomiro / relation-tuple-parser

MIT License
6 stars 3 forks source link

relation-tuple-parser

This is a collection of libraries that can parse a string representation of a Relation tuple to an object structure in different languages or frameworks.

Relation tuples are used to evaluate permissions in "Zanzibar: Google's Consistent, Global Authorization System".

The BNF of a valid Relation tuple is as follows:

<relation-tuple> ::= <object>'#'relation'@'<subject> | <object>'#'relation'@('<subject>')'
<object> ::= namespace':'object_id
<subject> ::= subject_id | <subject_set>
<subject_set> ::= <object>'#'relation

Examples of valid strings:

namespace:object#relation@subjectId
namespace:object#relation@(subjectId)
namespace:object#relation@subjectNamespace:subjectObject#subjectRelation
namespace:object#relation@(subjectNamespace:subjectObject#subjectRelation)

The different parts of the Relation tuple can contain any character but :#@().

A Relation tuple can easily be verbalised: The Relation tuple sharedFiles:a.txt#access@(dirs:b#access) can be verbalised as "Anyone with access to dirs:b has access to sharedFiles:a.txt".

Repository content

Examples

Libraries

Development Info

Publish typescript versions

nx run-many --projects=typescript,typescript-ory-keto --target=publish --tag latest --ver x.x.x