You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm currently using OpenFGA to manage permissions within a document management system and am seeking suggestions or best practices for retrieving all users and groups associated with a specific file or folder. Specifically, I want to retrieve a list of users who hold defined relationships with a file or folder (e.g., "viewer," "editor," or "owner").
Given this model:
type file
relations
define can_view: viewer or can_view from parent
define can_edit: editor or can_edit from parent
define editor: [user, group#member]
define parent: [folder]
define viewer: [user, group#member] or editor
type folder
relations
define can_view: viewer or can_view from parent
define can_edit: editor or can_edit from parent
define editor: [user, group#member] or owner
define parent: [folder]
type group
relations
define member: [user]
type user
My objective is to find an efficient approach to retrieve all users and groups with permissions to a specific file or folder. Since the ListUsers API accepts only one relation and a single entry in the user filter, multiple API calls would be necessary to fetch all related users and groups, including implied or concentric relationships.
What would be the best approach to handle this while minimising the number of calls and ensuring scalability?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
OpenFGA
-
I'm currently using OpenFGA to manage permissions within a document management system and am seeking suggestions or best practices for retrieving all users and groups associated with a specific file or folder. Specifically, I want to retrieve a list of users who hold defined relationships with a file or folder (e.g., "viewer," "editor," or "owner").
Given this model:
My objective is to find an efficient approach to retrieve all users and groups with permissions to a specific file or folder. Since the ListUsers API accepts only one relation and a single entry in the user filter, multiple API calls would be necessary to fetch all related users and groups, including implied or concentric relationships.
What would be the best approach to handle this while minimising the number of calls and ensuring scalability?
Beta Was this translation helpful? Give feedback.
All reactions