Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Removing excluded users #171

Merged
merged 2 commits into from
Jun 13, 2024
Merged

Removing excluded users #171

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
db6f987
Removing excluded users
willvedd Jun 12, 2024
f1da70a
Removing ObjectOrUserset which was only useful in the context of excl…
willvedd Jun 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 2 additions & 21 deletions docs/openapiv2/apidocs.swagger.json
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

7 changes: 0 additions & 7 deletions openfga/v1/openfga.proto
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
syntax = "proto3";

Check failure on line 1 in openfga/v1/openfga.proto

View workflow job for this annotation

GitHub Actions / build 

Previously present message "ObjectOrUserset" was deleted from file.

package openfga.v1;

Expand Down Expand Up @@ -49,13 +49,6 @@
}
}

message ObjectOrUserset {
oneof user {
Object object = 1;
UsersetUser userset = 2;
}
}

// Userset.
//
// A set or group of users, represented in the `<type>:<id>#<relation>` format
Expand Down
11 changes: 3 additions & 8 deletions openfga/v1/openfga_service.proto
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -765,8 +765,9 @@
"You may also provide a `context` object that will be used to evaluate the conditioned tuples in the system. It is strongly recommended to provide a value for all the input parameters of all the conditions, to ensure that all tuples be evaluated correctly.\n"
"The response will contain the related users in an array in the \"users\" field of the response. These results may include specific objects, usersets \n"
"or type-bound public access. Each of these types of results is encoded in its own type and not represented as a string."
"In certain cases of negation via the `but not` operator, some results are marked as excluded from the main set of results. These exclusions \n"
"are returned in the `excluded_users` property and should be handled appropriately at the point of implementation."
"In cases where a type-bound public acces result is returned (e.g. `user:*`), it cannot be inferred that all subjects\n"
"of that type have a relation to the object; it is possible that negations exist and checks should still be queried\n"
"on individual subjects to ensure access to that document."
"The number of users in the response array will be limited by the execution timeout specified in the flag OPENFGA_LIST_USERS_DEADLINE "
"and by the upper bound specified in the flag OPENFGA_LIST_USERS_MAX_RESULTS, whichever is hit first.\n"
"The returned users will not be sorted, and therefore two identical calls may yield different sets of users."
Expand Down Expand Up @@ -885,18 +886,12 @@
google.protobuf.Struct context = 7;
}

message ListUsersResponse {

Check failure on line 889 in openfga/v1/openfga_service.proto

View workflow job for this annotation

GitHub Actions / build 

Previously present field "2" with name "excluded_users" on message "ListUsersResponse" was deleted.
repeated User users = 1 [
json_name = "users",
(google.api.field_behavior) = REQUIRED,
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {example: ""}
];

repeated ObjectOrUserset excluded_users = 2 [
json_name = "excluded_users",
(google.api.field_behavior) = REQUIRED,
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {example: ""}
];
}

message StreamedListObjectsRequest {
Expand Down
Loading
Loading