This is a collection of libraries that can parse a string representation of a Relation tuple to an object structure in different languages or frameworks.
Relation tuples are used to evaluate permissions in "Zanzibar: Google's Consistent, Global Authorization System".
The BNF of a valid Relation tuple is as follows:
<relation-tuple> ::= <object>'#'relation'@'<subject> | <object>'#'relation'@('<subject>')'
<object> ::= namespace':'object_id
<subject> ::= subject_id | <subject_set>
<subject_set> ::= <object>'#'relation
Examples of valid strings:
namespace:object#relation@subjectId
namespace:object#relation@(subjectId)
namespace:object#relation@subjectNamespace:subjectObject#subjectRelation
namespace:object#relation@(subjectNamespace:subjectObject#subjectRelation)
The different parts of the Relation tuple can contain any character but :#@()
.
A Relation tuple can easily be verbalised:
The Relation tuple sharedFiles:a.txt#access@(dirs:b#access)
can be verbalised as "Anyone with access
to dirs:b
has access
to sharedFiles:a.txt
".
@nidomiro/relation-tuple-parser
but uses types from ory keto nx run-many --projects=typescript,typescript-ory-keto --target=publish --tag latest --ver x.x.x