-
Notifications
You must be signed in to change notification settings - Fork 663
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MG-2071 - Rename viewer relation #2237
base: main
Are you sure you want to change the base?
MG-2071 - Rename viewer relation #2237
Conversation
5b6c20c
to
6cf308a
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not all places have been replaced double check
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@nyagamunene
Rename only Viewer relation to contributor and don't change the view permission to contribution
, Please keep it as view
docker/spicedb/schema.zed
Outdated
permission membership = view + member | ||
|
||
// These permissions are made for listing purposes. They enable listing users who have only particular permission excluding higher-level permissions users. | ||
permission admin_only = admin | ||
permission edit_only = edit - admin | ||
permission viewer_only = view - edit | ||
permission contributor_only = view - edit | ||
permission membership_only = membership - view |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
permission membership_only = membership - view | |
permission view_only = view - edit |
docker/spicedb/schema.zed
Outdated
@@ -16,7 +16,7 @@ definition thing { | |||
// These permission are made for only list purpose. It helps to list users have only particular permission excluding other higher and lower permission. | |||
permission admin_only = admin | |||
permission edit_only = edit - admin | |||
permission viewer_only = view - edit | |||
permission contributor_only = view - edit | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since view
and edit
are permission and they are not relations, Lets change this to view_only
permission view_only = view - edit |
auth/service.go
Outdated
@@ -632,7 +632,7 @@ func (svc service) RetrieveDomain(ctx context.Context, token, id string) (Domain | |||
SubjectKind: UsersKind, | |||
Object: id, | |||
ObjectType: DomainType, | |||
Permission: MembershipPermission, | |||
Permission: ViewPermission, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@nyagamunene Could you please explain ther reason for change to ViewPermission
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
From the previous understanding of how the member work I thought he should not be able to login to a domain since he will see the other members' groups, things and channels
@@ -292,7 +292,7 @@ type SDK interface { | |||
// pm := sdk.PageMetadata{ | |||
// Offset: 0, | |||
// Limit: 10, | |||
// Permission: "edit", // available Options: "administrator", "delete", edit", "view", "share", "owner", "admin", "editor", "viewer" | |||
// Permission: "edit", // available Options: "delete", edit", "view", "share", "admin" | |||
// } |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We also support to list using relations, Please change like below and test the listing API
// } | |
// Permission: "edit", // available Options: "administrator", "delete", edit", "view", "share", "owner", "admin", "editor", "contributor" |
@@ -280,7 +280,7 @@ type SDK interface { | |||
// pm := sdk.PageMetadata{ | |||
// Offset: 0, | |||
// Limit: 10, | |||
// Permission: "edit", // available Options: "administrator", "delete", edit", "view", "share", "owner", "admin", "editor", "viewer" | |||
// Permission: "edit", // available Options: "delete", edit", "view", "share", "admin" | |||
// } |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We also support to list using relations, Please change like below and test the listing API
// } | |
// Permission: "edit", // available Options: "administrator", "delete", edit", "view", "share", "owner", "admin", "editor", "contributor" |
Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>
Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>
Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>
Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>
Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>
Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>
Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>
Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>
Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>
Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>
8579156
to
312035f
Compare
Signed-off-by: nyagamunene <stevenyaga2014@gmail.com>
91aef93
to
7257872
Compare
What type of PR is this?
This a feature because it rename viewer relation to contributor since he can not only view but also edit.
What does this do?
It renames the
ViewerRelation
toContributorRelation
andViewPermission
toContributePermission
.Which issue(s) does this PR fix/relate to?
Have you included tests for your changes?
Yes
Did you document any new/modified feature?
Yes
Notes