VS Code extension that provides syntax highlighting for the OpenFGA language for authorization models.
OpenFGA is an open source Fine-Grained Authorization solution inspired by Google's Zanzibar paper. It was created by the FGA team at Auth0 based on Auth0 Fine-Grained Authorization (FGA), available under a permissive license (Apache-2) and welcomes community contributions.
OpenFGA is designed to make it easy for application builders to model their permission layer, and to add and integrate fine-grained authorization into their applications. OpenFGA’s design is optimized for reliability and low latency at a high scale.
You can install the OpenFGA VS Code plugin from:
The VSIX releases on GitHub for manual installation
The extension currently offers 4 core features, with more to come.
OpenFGA
and click Set Color Scheme
OpenFGA Dark
in the prompt.fga
OpenFGA files to JSON
.fga
OpenFGA file in the editorCommand Pallette
using Ctrl+Shift+P (Windows) or Command+Shift+P (OSX)OpenFGA: Transform DSL to JSON
.fga
files
.fga
OpenFGA file in the editor, the extension will highlight errors that make your models invalidThe extension works great when combined with the FGA CLI to iterate on your model and test it.
In order to do that:
1- Create a working directory to house the files for your store
2- Inside this directory, create a model.fga
file with your model
3- Alongside the model.fga
, create a store.yaml
file with the following syntax
---
name: Store Name # store name, optional
model_file: ./model.fga # a global model that would apply to all tests
tuples: # global tuples that would apply to all tests, optional
- user: folder:1
relation: parent
object: folder:2
- user: user:anne
relation: editor
object: folder:1
tests: # required
- name: test-1
description: testing that the model works # optional
tuples: # tuples that only apply within the scope of this test
- user: user:beth
relation: viewer
object: folder:2
check: # a set of checks to run
- user: user:anne
object: folder:1
assertions:
# a set of expected results for each relation
can_view: true
can_write: true
can_share: false
- user: user:beth
object: folder:2
assertions:
# a set of expected results for each relation
can_view: true
can_write: false
can_share: false
list_objects: # a set of list objects to run
- user: user:anne
type: folder
assertions:
# a set of expected results for each relation
can_view:
- folder:1
- folder:2
can_write:
- folder:1
- folder:2
can_share: []
- user: user:beth
type: folder
assertions:
# a set of expected results for each relation
can_view:
- folder:2
can_write: []
can_share: []
When ready to test, from the terminal, and while inside your working directory, run:
fga model test --tests=./store.yaml
A rough roadmap for development priorities.
See the DEVELOPMENT and CONTRIBUTING.
yaml
to vscode
from actions/languageservicesThis project is licensed under the Apache-2.0 license. See the LICENSE file for more info.