[spicedb] generate ts definitions (#18308)

Author: svenefftinge

components/server/package.json

@@ -6,7 +6,8 @@
   "scripts": {
     "start": "node ./dist/main.js",
     "start-inspect": "node --inspect=0.0.0.0:9229 ./dist/main.js",
-    "build": "yarn lint && npx tsc",
+    "generate": "leeway run components/spicedb:generate-ts > src/authorization/definitions.ts && npx prettier --write src/authorization/definitions.ts",
+    "build": "yarn generate && yarn lint && npx tsc",
     "lint": "yarn eslint src/*.ts src/**/*.ts",
     "lint:fix": "yarn eslint src/*.ts src/**/*.ts --fix",
     "build:clean": "yarn clean && yarn build",
@@ -90,7 +91,6 @@
     "redlock": "^5.0.0-beta.2",
     "reflect-metadata": "^0.1.10",
     "stripe": "^9.0.0",
-
     "twilio": "^3.78.0",
     "uuid": "^8.3.2",
     "vscode-ws-jsonrpc": "^0.2.0",
@@ -132,6 +132,7 @@
     "eslint": "^7.11.0",
     "expect": "^1.20.2",
     "mocha": "^5.0.0",
+    "prettier": "^3.0.0",
     "rimraf": "^3.0.2",
     "source-map-loader": "^0.2.3",
     "standard": "^16.0.3",

components/server/src/authorization/definitions.ts

@@ -5,37 +5,44 @@
  */
 
 export const InstallationID = "1";
-export const InstallationResourceType = "installation";
-export const OrganizationResourceType = "organization";
-export const ProjectResourceType = "project";
-export const UserResourceType = "user";
-export type ResourceType =
-    | typeof InstallationResourceType
-    | typeof OrganizationResourceType
-    | typeof ProjectResourceType
-    | typeof UserResourceType;
-
-export type InstallationRelation = "user" | "admin";
-export type OrganizationRelation = "installation" | "owner" | "member";
-export type ProjectRelation = "org" | "editor" | "viewer";
+export type ResourceType = UserResourceType | InstallationResourceType | OrganizationResourceType | ProjectResourceType;
+
 export type Relation = InstallationRelation | OrganizationRelation | ProjectRelation;
 
+export type Permission = InstallationPermission | OrganizationPermission | ProjectPermission;
+
+export type UserResourceType = "user";
+
+export type InstallationResourceType = "installation";
+
+export type InstallationRelation = "member" | "admin";
+
 export type InstallationPermission = "create_organization";
+
+export type OrganizationResourceType = "organization";
+
+export type OrganizationRelation = "installation" | "member" | "owner";
+
 export type OrganizationPermission =
+    | "installation_admin"
     | "read_info"
     | "write_info"
+    | "delete"
+    | "read_settings"
+    | "write_settings"
     | "read_members"
     | "invite_members"
     | "write_members"
     | "leave"
-    | "delete"
     | "create_project"
-    | "read_settings"
-    | "write_settings"
     | "read_git_provider"
     | "write_git_provider"
     | "read_billing"
     | "write_billing"
     | "write_billing_admin";
-export type ProjectPermission = "write_info" | "read_info" | "delete";
-export type Permission = OrganizationPermission;
+
+export type ProjectResourceType = "project";
+
+export type ProjectRelation = "org" | "editor" | "viewer";
+
+export type ProjectPermission = "read_info" | "write_info" | "delete";

components/spicedb/BUILD.yaml

@@ -9,7 +9,7 @@ packages:
     srcs:
       - go.mod
       - go.sum
-      - "**/*.go"
+      - "*.go"
       - "schema/*.yaml"
     deps:
       - components/spicedb:schema
@@ -52,8 +52,8 @@ scripts:
           echo "Stopped spicedb."
       fi
 
-  - name: report-spicedb
-    description: "Reports spicedb's current state."
+  - name: generate-ts
+    description: "Generate definition in typescript."
     deps: []
     script: |
-      spicedn
+      (cd codegen && go run .)

components/spicedb/codegen/codegen.go

@@ -0,0 +1,119 @@
+// Copyright (c) 2023 Gitpod GmbH. All rights reserved.
+// Licensed under the GNU Affero General Public License (AGPL).
+// See License.AGPL.txt in the project root for license information.
+
+package main
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"os"
+	"strings"
+
+	"github.com/authzed/spicedb/pkg/development"
+	"github.com/authzed/spicedb/pkg/namespace"
+	dev_v1 "github.com/authzed/spicedb/pkg/proto/developer/v1"
+	implv1 "github.com/authzed/spicedb/pkg/proto/impl/v1"
+	"github.com/authzed/spicedb/pkg/schemadsl/compiler"
+	"gopkg.in/yaml.v2"
+)
+
+type Schema struct {
+	Schema string `yaml:"schema"`
+}
+
+func main() {
+	schema := GetCompiledSchema()
+	fmt.Print(GenerateDefinition(schema))
+}
+
+func GetCompiledSchema() *compiler.CompiledSchema {
+	// read schemaFile
+	b, err := os.ReadFile("../schema/schema.yaml")
+	if err != nil {
+		panic(err)
+	}
+
+	var schema Schema
+	err = yaml.Unmarshal(b, &schema)
+	if err != nil {
+		panic(err)
+	}
+
+	devCtx, devErrs, err := development.NewDevContext(context.Background(), &dev_v1.RequestContext{
+		Schema:        schema.Schema,
+		Relationships: nil,
+	})
+	if err != nil {
+		panic(err)
+	}
+	if devErrs != nil {
+		panic(errors.New(devErrs.InputErrors[0].Message))
+	}
+	return devCtx.CompiledSchema
+}
+
+func GenerateDefinition(schema *compiler.CompiledSchema) string {
+
+	resource := "export type ResourceType ="
+	relation := "export type Relation ="
+	permission := "export type Permission ="
+	other := ""
+
+	// list definitions
+	for _, def := range schema.ObjectDefinitions {
+		// make sure the first character is upper case
+		simpleName := strings.ToUpper(string(def.Name[0])) + def.Name[1:]
+		resourceTypeName := simpleName + "ResourceType"
+		resource += "\n  | " + resourceTypeName + ""
+		other += "\nexport type " + resourceTypeName + " = \"" + def.Name + "\";\n"
+		// check if relations exists
+		hasRelations := false
+		for _, rel := range def.Relation {
+			if namespace.GetRelationKind(rel) == implv1.RelationMetadata_RELATION {
+				hasRelations = true
+				break
+			}
+		}
+		if hasRelations {
+			relation += "\n  | " + simpleName + "Relation"
+			other += "\nexport type " + simpleName + "Relation ="
+			for _, rel := range def.Relation {
+				if namespace.GetRelationKind(rel) == implv1.RelationMetadata_RELATION {
+					other += "\n     | \"" + rel.Name + "\""
+				}
+			}
+			other += ";\n"
+		}
+		// check if permissions exists
+		hasPermissions := false
+		for _, rel := range def.Relation {
+			if namespace.GetRelationKind(rel) == implv1.RelationMetadata_PERMISSION {
+				hasPermissions = true
+				break
+			}
+		}
+		if hasPermissions {
+			permission += "\n  | " + simpleName + "Permission"
+			// permissions
+			other += "\nexport type " + simpleName + "Permission ="
+			for _, rel := range def.Relation {
+				if namespace.GetRelationKind(rel) == implv1.RelationMetadata_PERMISSION {
+					other += "\n     | \"" + rel.Name + "\""
+				}
+			}
+			other += ";\n"
+		}
+	}
+
+	return `/**
+ * Copyright (c) 2023 Gitpod GmbH. All rights reserved.
+ * Licensed under the GNU Affero General Public License (AGPL).
+ * See License.AGPL.txt in the project root for license information.
+ */
+
+export const InstallationID = "1";
+` +
+		resource + ";\n\n" + relation + ";\n\n" + permission + ";\n\n" + other
+}

components/spicedb/codegen/go.mod

@@ -0,0 +1,67 @@
+module github.com/gitpod-io/gitpod/components/spicedb/codegen
+
+go 1.20
+
+require (
+	github.com/authzed/spicedb v1.23.1
+	gopkg.in/yaml.v2 v2.4.0
+)
+
+require (
+	github.com/Masterminds/squirrel v1.5.4 // indirect
+	github.com/antlr/antlr4/runtime/Go/antlr v1.4.10 // indirect
+	github.com/authzed/authzed-go v0.8.1-0.20230620170737-8257e7bd388e // indirect
+	github.com/authzed/grpcutil v0.0.0-20230703173955-bdd0ac3f16a5 // indirect
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/cenkalti/backoff/v4 v4.2.1 // indirect
+	github.com/certifi/gocertifi v0.0.0-20210507211836-431795d63e8d // indirect
+	github.com/cespare/xxhash/v2 v2.2.0 // indirect
+	github.com/creasty/defaults v1.7.0 // indirect
+	github.com/dalzilio/rudd v1.1.1-0.20220422201445-0a0cd32c7df9 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/dustin/go-humanize v1.0.1 // indirect
+	github.com/ecordell/optgen v0.0.10-0.20230609182709-018141bf9698 // indirect
+	github.com/emirpasic/gods v1.18.1 // indirect
+	github.com/envoyproxy/protoc-gen-validate v1.0.2 // indirect
+	github.com/go-logr/logr v1.2.4 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
+	github.com/golang/protobuf v1.5.3 // indirect
+	github.com/google/cel-go v0.12.5 // indirect
+	github.com/google/go-cmp v0.5.9 // indirect
+	github.com/google/uuid v1.3.0 // indirect
+	github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 // indirect
+	github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.0.0-rc.5 // indirect
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.15.2 // indirect
+	github.com/hashicorp/go-immutable-radix v1.3.1 // indirect
+	github.com/hashicorp/go-memdb v1.3.4 // indirect
+	github.com/hashicorp/golang-lru v0.5.4 // indirect
+	github.com/jzelinskie/stringz v0.0.1 // indirect
+	github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect
+	github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect
+	github.com/mattn/go-colorable v0.1.13 // indirect
+	github.com/mattn/go-isatty v0.0.19 // indirect
+	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/prometheus/client_golang v1.15.1 // indirect
+	github.com/prometheus/client_model v0.4.0 // indirect
+	github.com/prometheus/common v0.44.0 // indirect
+	github.com/prometheus/procfs v0.10.0 // indirect
+	github.com/rs/zerolog v1.29.0 // indirect
+	github.com/samber/lo v1.38.1 // indirect
+	github.com/scylladb/go-set v1.0.2 // indirect
+	github.com/shopspring/decimal v1.3.1 // indirect
+	github.com/stoewer/go-strcase v1.2.0 // indirect
+	github.com/stretchr/testify v1.8.4 // indirect
+	go.opentelemetry.io/otel v1.16.0 // indirect
+	go.opentelemetry.io/otel/metric v1.16.0 // indirect
+	go.opentelemetry.io/otel/trace v1.16.0 // indirect
+	golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 // indirect
+	golang.org/x/net v0.11.0 // indirect
+	golang.org/x/sync v0.3.0 // indirect
+	golang.org/x/sys v0.9.0 // indirect
+	golang.org/x/text v0.10.0 // indirect
+	google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 // indirect
+	google.golang.org/grpc v1.56.1 // indirect
+	google.golang.org/protobuf v1.31.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+)