feat!: abac and conditions support in OpenFgaApi

[Breaking]: for anyone the `OpenFgaApi` interface directly
openfga · Oct 2, 2023 · 1decccf · 1decccf
1 parent e03ff4d
commit 1decccf
Show file tree

Hide file tree

Showing 52 changed files with 2,806 additions and 411 deletions.
diff --git a/.openapi-generator/FILES b/.openapi-generator/FILES
@@ -23,14 +23,18 @@ docs/Any.md
 docs/Assertion.md
 docs/AuthorizationModel.md
 docs/CheckRequest.md
+docs/CheckRequestTupleKey.md
 docs/CheckResponse.md
 docs/Computed.md
+docs/Condition.md
+docs/ConditionParamTypeRef.md
 docs/ContextualTupleKeys.md
 docs/CreateStoreRequest.md
 docs/CreateStoreResponse.md
 docs/Difference.md
 docs/ErrorCode.md
 docs/ExpandRequest.md
+docs/ExpandRequestTupleKey.md
 docs/ExpandResponse.md
 docs/GetStoreResponse.md
 docs/InternalErrorCode.md
@@ -43,6 +47,7 @@ docs/Metadata.md
 docs/Node.md
 docs/Nodes.md
 docs/NotFoundErrorCode.md
+docs/NullValue.md
 docs/ObjectRelation.md
 docs/OpenFgaApi.md
 docs/PathUnknownErrorMessageResponse.md
@@ -51,18 +56,20 @@ docs/ReadAuthorizationModelResponse.md
 docs/ReadAuthorizationModelsResponse.md
 docs/ReadChangesResponse.md
 docs/ReadRequest.md
+docs/ReadRequestTupleKey.md
 docs/ReadResponse.md
 docs/RelationMetadata.md
 docs/RelationReference.md
+docs/RelationshipCondition.md
 docs/Status.md
 docs/Store.md
 docs/Tuple.md
 docs/TupleChange.md
 docs/TupleKey.md
-docs/TupleKeys.md
 docs/TupleOperation.md
 docs/TupleToUserset.md
 docs/TypeDefinition.md
+docs/TypeName.md
 docs/Users.md
 docs/Userset.md
 docs/UsersetTree.md
@@ -74,6 +81,8 @@ docs/WriteAssertionsRequest.md
 docs/WriteAuthorizationModelRequest.md
 docs/WriteAuthorizationModelResponse.md
 docs/WriteRequest.md
+docs/WriteRequestTupleKey.md
+docs/WriteRequestTupleKeys.md
 git_push.sh
 go.mod
 go.sum
@@ -84,14 +93,18 @@ model_any.go
 model_assertion.go
 model_authorization_model.go
 model_check_request.go
+model_check_request_tuple_key.go
 model_check_response.go
 model_computed.go
+model_condition.go
+model_condition_param_type_ref.go
 model_contextual_tuple_keys.go
 model_create_store_request.go
 model_create_store_response.go
 model_difference.go
 model_error_code.go
 model_expand_request.go
+model_expand_request_tuple_key.go
 model_expand_response.go
 model_get_store_response.go
 model_internal_error_code.go
@@ -104,25 +117,28 @@ model_metadata.go
 model_node.go
 model_nodes.go
 model_not_found_error_code.go
+model_null_value.go
 model_object_relation.go
 model_path_unknown_error_message_response.go
 model_read_assertions_response.go
 model_read_authorization_model_response.go
 model_read_authorization_models_response.go
 model_read_changes_response.go
 model_read_request.go
+model_read_request_tuple_key.go
 model_read_response.go
 model_relation_metadata.go
 model_relation_reference.go
+model_relationship_condition.go
 model_status.go
 model_store.go
 model_tuple.go
 model_tuple_change.go
 model_tuple_key.go
-model_tuple_keys.go
 model_tuple_operation.go
 model_tuple_to_userset.go
 model_type_definition.go
+model_type_name.go
 model_users.go
 model_userset.go
 model_userset_tree.go
@@ -134,6 +150,8 @@ model_write_assertions_request.go
 model_write_authorization_model_request.go
 model_write_authorization_model_response.go
 model_write_request.go
+model_write_request_tuple_key.go
+model_write_request_tuple_keys.go
 oauth2/LICENSE
 oauth2/ORIGINAL_AUTHORS
 oauth2/ORIGINAL_CONTRIBUTORS

diff --git a/README.md b/README.md
@@ -801,14 +801,18 @@ Class | Method | HTTP request | Description
  - [Assertion](docs/Assertion.md)
  - [AuthorizationModel](docs/AuthorizationModel.md)
  - [CheckRequest](docs/CheckRequest.md)
+ - [CheckRequestTupleKey](docs/CheckRequestTupleKey.md)
  - [CheckResponse](docs/CheckResponse.md)
  - [Computed](docs/Computed.md)
+ - [Condition](docs/Condition.md)
+ - [ConditionParamTypeRef](docs/ConditionParamTypeRef.md)
  - [ContextualTupleKeys](docs/ContextualTupleKeys.md)
  - [CreateStoreRequest](docs/CreateStoreRequest.md)
  - [CreateStoreResponse](docs/CreateStoreResponse.md)
  - [Difference](docs/Difference.md)
  - [ErrorCode](docs/ErrorCode.md)
  - [ExpandRequest](docs/ExpandRequest.md)
+ - [ExpandRequestTupleKey](docs/ExpandRequestTupleKey.md)
  - [ExpandResponse](docs/ExpandResponse.md)
  - [GetStoreResponse](docs/GetStoreResponse.md)
  - [InternalErrorCode](docs/InternalErrorCode.md)
@@ -821,25 +825,28 @@ Class | Method | HTTP request | Description
  - [Node](docs/Node.md)
  - [Nodes](docs/Nodes.md)
  - [NotFoundErrorCode](docs/NotFoundErrorCode.md)
+ - [NullValue](docs/NullValue.md)
  - [ObjectRelation](docs/ObjectRelation.md)
  - [PathUnknownErrorMessageResponse](docs/PathUnknownErrorMessageResponse.md)
  - [ReadAssertionsResponse](docs/ReadAssertionsResponse.md)
  - [ReadAuthorizationModelResponse](docs/ReadAuthorizationModelResponse.md)
  - [ReadAuthorizationModelsResponse](docs/ReadAuthorizationModelsResponse.md)
  - [ReadChangesResponse](docs/ReadChangesResponse.md)
  - [ReadRequest](docs/ReadRequest.md)
+ - [ReadRequestTupleKey](docs/ReadRequestTupleKey.md)
  - [ReadResponse](docs/ReadResponse.md)
  - [RelationMetadata](docs/RelationMetadata.md)
  - [RelationReference](docs/RelationReference.md)
+ - [RelationshipCondition](docs/RelationshipCondition.md)
  - [Status](docs/Status.md)
  - [Store](docs/Store.md)
  - [Tuple](docs/Tuple.md)
  - [TupleChange](docs/TupleChange.md)
  - [TupleKey](docs/TupleKey.md)
- - [TupleKeys](docs/TupleKeys.md)
  - [TupleOperation](docs/TupleOperation.md)
  - [TupleToUserset](docs/TupleToUserset.md)
  - [TypeDefinition](docs/TypeDefinition.md)
+ - [TypeName](docs/TypeName.md)
  - [Users](docs/Users.md)
  - [Userset](docs/Userset.md)
  - [UsersetTree](docs/UsersetTree.md)
@@ -851,6 +858,8 @@ Class | Method | HTTP request | Description
  - [WriteAuthorizationModelRequest](docs/WriteAuthorizationModelRequest.md)
  - [WriteAuthorizationModelResponse](docs/WriteAuthorizationModelResponse.md)
  - [WriteRequest](docs/WriteRequest.md)
+ - [WriteRequestTupleKey](docs/WriteRequestTupleKey.md)
+ - [WriteRequestTupleKeys](docs/WriteRequestTupleKeys.md)
 
 
 ## Contributing

diff --git a/api_open_fga.go b/api_open_fga.go
@@ -252,8 +252,7 @@ type OpenFgaApi interface {
 	}
 	```
 	This means that `user:bob` has a `reader` relationship with 1 document `document:2021-budget`. Note that this API, unlike the List Objects API, does not evaluate the tuples in the store.
-	The continuation token will be empty if there are no more tuples to query.
-	### Query for all stored relationship tuples that have a particular relation and object
+	The continuation token will be empty if there are no more tuples to query.### Query for all stored relationship tuples that have a particular relation and object
 	To query for all users that have `reader` relationship with `document:2021-budget`, call read API with body of
 	```json
 	{
@@ -2574,8 +2573,7 @@ The API will return tuples and a continuation token, something like
 
 ```
 This means that `user:bob` has a `reader` relationship with 1 document `document:2021-budget`. Note that this API, unlike the List Objects API, does not evaluate the tuples in the store.
-The continuation token will be empty if there are no more tuples to query.
-### Query for all stored relationship tuples that have a particular relation and object
+The continuation token will be empty if there are no more tuples to query.### Query for all stored relationship tuples that have a particular relation and object
 To query for all users that have `reader` relationship with `document:2021-budget`, call read API with body of
 ```json
 

diff --git a/api_open_fga_test.go b/api_open_fga_test.go
@@ -569,10 +569,10 @@ func TestOpenFgaApi(t *testing.T) {
 			RequestPath:    "check",
 		}
 		requestBody := CheckRequest{
-			TupleKey: TupleKey{
-				User:     PtrString("user:81684243-9356-4421-8fbf-a4f8d36aa31b"),
-				Relation: PtrString("viewer"),
-				Object:   PtrString("document:roadmap"),
+			TupleKey: CheckRequestTupleKey{
+				User:     "user:81684243-9356-4421-8fbf-a4f8d36aa31b",
+				Relation: "viewer",
+				Object:   "document:roadmap",
 			},
 			AuthorizationModelId: PtrString("01GAHCE4YVKPQEKZQHT2R89MQV"),
 		}
@@ -621,11 +621,11 @@ func TestOpenFgaApi(t *testing.T) {
 			RequestPath:    "write",
 		}
 		requestBody := WriteRequest{
-			Writes: &TupleKeys{
-				TupleKeys: []TupleKey{{
-					User:     PtrString("user:81684243-9356-4421-8fbf-a4f8d36aa31b"),
-					Relation: PtrString("viewer"),
-					Object:   PtrString("document:roadmap"),
+			Writes: &WriteRequestTupleKeys{
+				TupleKeys: []WriteRequestTupleKey{{
+					User:     "user:81684243-9356-4421-8fbf-a4f8d36aa31b",
+					Relation: "viewer",
+					Object:   "document:roadmap",
 				}},
 			},
 			AuthorizationModelId: PtrString("01GAHCE4YVKPQEKZQHT2R89MQV"),
@@ -667,11 +667,11 @@ func TestOpenFgaApi(t *testing.T) {
 		}
 
 		requestBody := WriteRequest{
-			Deletes: &TupleKeys{
-				TupleKeys: []TupleKey{{
-					User:     PtrString("user:81684243-9356-4421-8fbf-a4f8d36aa31b"),
-					Relation: PtrString("viewer"),
-					Object:   PtrString("document:roadmap"),
+			Deletes: &WriteRequestTupleKeys{
+				TupleKeys: []WriteRequestTupleKey{{
+					User:     "user:81684243-9356-4421-8fbf-a4f8d36aa31b",
+					Relation: "viewer",
+					Object:   "document:roadmap",
 				}},
 			},
 			AuthorizationModelId: PtrString("01GAHCE4YVKPQEKZQHT2R89MQV"),
@@ -713,9 +713,9 @@ func TestOpenFgaApi(t *testing.T) {
 		}
 
 		requestBody := ExpandRequest{
-			TupleKey: TupleKey{
-				Relation: PtrString("viewer"),
-				Object:   PtrString("document:roadmap"),
+			TupleKey: ExpandRequestTupleKey{
+				Relation: "viewer",
+				Object:   "document:roadmap",
 			},
 			AuthorizationModelId: PtrString("01GAHCE4YVKPQEKZQHT2R89MQV"),
 		}
@@ -761,7 +761,7 @@ func TestOpenFgaApi(t *testing.T) {
 		}
 
 		requestBody := ReadRequest{
-			TupleKey: &TupleKey{
+			TupleKey: &ReadRequestTupleKey{
 				User:     PtrString("user:81684243-9356-4421-8fbf-a4f8d36aa31b"),
 				Relation: PtrString("viewer"),
 				Object:   PtrString("document:roadmap"),
@@ -867,13 +867,13 @@ func TestOpenFgaApi(t *testing.T) {
 			Type:                 "document",
 			ContextualTuples: &ContextualTupleKeys{
 				TupleKeys: []TupleKey{{
-					User:     PtrString("user:81684243-9356-4421-8fbf-a4f8d36aa31b"),
-					Relation: PtrString("editor"),
-					Object:   PtrString("folder:product"),
+					User:     "user:81684243-9356-4421-8fbf-a4f8d36aa31b",
+					Relation: "editor",
+					Object:   "folder:product",
 				}, {
-					User:     PtrString("folder:product"),
-					Relation: PtrString("parent"),
-					Object:   PtrString("document:roadmap"),
+					User:     "folder:product",
+					Relation: "parent",
+					Object:   "document:roadmap",
 				}},
 			},
 		}
@@ -924,10 +924,10 @@ func TestOpenFgaApi(t *testing.T) {
 			RequestPath:    "check",
 		}
 		requestBody := CheckRequest{
-			TupleKey: TupleKey{
-				User:     PtrString("user:81684243-9356-4421-8fbf-a4f8d36aa31b"),
-				Relation: PtrString("viewer"),
-				Object:   PtrString("document:roadmap"),
+			TupleKey: CheckRequestTupleKey{
+				User:     "user:81684243-9356-4421-8fbf-a4f8d36aa31b",
+				Relation: "viewer",
+				Object:   "document:roadmap",
 			},
 		}
 
@@ -987,10 +987,10 @@ func TestOpenFgaApi(t *testing.T) {
 			RequestPath:    "check",
 		}
 		requestBody := CheckRequest{
-			TupleKey: TupleKey{
-				User:     PtrString("user:81684243-9356-4421-8fbf-a4f8d36aa31b"),
-				Relation: PtrString("viewer"),
-				Object:   PtrString("document:roadmap"),
+			TupleKey: CheckRequestTupleKey{
+				User:     "user:81684243-9356-4421-8fbf-a4f8d36aa31b",
+				Relation: "viewer",
+				Object:   "document:roadmap",
 			},
 		}
 
@@ -1043,10 +1043,10 @@ func TestOpenFgaApi(t *testing.T) {
 			RequestPath:    "check",
 		}
 		requestBody := CheckRequest{
-			TupleKey: TupleKey{
-				User:     PtrString("user:81684243-9356-4421-8fbf-a4f8d36aa31b"),
-				Relation: PtrString("viewer"),
-				Object:   PtrString("document:roadmap"),
+			TupleKey: CheckRequestTupleKey{
+				User:     "user:81684243-9356-4421-8fbf-a4f8d36aa31b",
+				Relation: "viewer",
+				Object:   "document:roadmap",
 			},
 		}
 
@@ -1106,10 +1106,10 @@ func TestOpenFgaApi(t *testing.T) {
 			RequestPath:    "check",
 		}
 		requestBody := CheckRequest{
-			TupleKey: TupleKey{
-				User:     PtrString("user:81684243-9356-4421-8fbf-a4f8d36aa31b"),
-				Relation: PtrString("viewer"),
-				Object:   PtrString("document:roadmap"),
+			TupleKey: CheckRequestTupleKey{
+				User:     "user:81684243-9356-4421-8fbf-a4f8d36aa31b",
+				Relation: "viewer",
+				Object:   "document:roadmap",
 			},
 		}
 
@@ -1177,10 +1177,10 @@ func TestOpenFgaApi(t *testing.T) {
 			RequestPath:    "check",
 		}
 		requestBody := CheckRequest{
-			TupleKey: TupleKey{
-				User:     PtrString("user:81684243-9356-4421-8fbf-a4f8d36aa31b"),
-				Relation: PtrString("viewer"),
-				Object:   PtrString("document:roadmap"),
+			TupleKey: CheckRequestTupleKey{
+				User:     "user:81684243-9356-4421-8fbf-a4f8d36aa31b",
+				Relation: "viewer",
+				Object:   "document:roadmap",
 			},
 		}
 
@@ -1239,10 +1239,10 @@ func TestOpenFgaApi(t *testing.T) {
 			RequestPath:    "check",
 		}
 		requestBody := CheckRequest{
-			TupleKey: TupleKey{
-				User:     PtrString("user:81684243-9356-4421-8fbf-a4f8d36aa31b"),
-				Relation: PtrString("viewer"),
-				Object:   PtrString("document:roadmap"),
+			TupleKey: CheckRequestTupleKey{
+				User:     "user:81684243-9356-4421-8fbf-a4f8d36aa31b",
+				Relation: "viewer",
+				Object:   "document:roadmap",
 			},
 		}