>

Apply for $700 in starter credits on AuthZed Cloud

[Apply now]

Document sharing with groups

Share documents with users, or with groups (which can themselves nest parent / child relationships).

Groups & hierarchyView on GitHub

Document sharing with groups

Share documents with users, or with groups (which can themselves nest parent / child relationships).

An entity that can be granted permissions.
Users can be part of groups.

definition user {}

We can model groups as having a parent group...

definition group_with_parent {
   relation parent: group_with_parent
   relation member: user

   permission view = member + parent->member
}

...or we can model a group as having children.
In this example, we'll do both.

 definition group_with_child {
  relation child: user | group_with_child#child

  permission view = child
}

A resource that we are trying to protect

definition document {

We can give viewer relation to a specific user,
or to a group that has parents,
or to a group that has children.

    relation viewer: user | group_with_parent#view | group_with_child#view

    permission view = viewer
}

Schemas come from the authzed/examples repository (Apache 2.0). Comments shown alongside the code are the authors' original docstrings.