Skip to content

Commit

Permalink
Merge branch 'main' into add-homebrew-tap-release
Browse files Browse the repository at this point in the history
  • Loading branch information
rhamzeh committed Jul 12, 2023
2 parents 5ccb37e + 11841c2 commit c6299c5
Show file tree
Hide file tree
Showing 13 changed files with 288 additions and 45 deletions.
4 changes: 4 additions & 0 deletions .github/workflows/main.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ jobs:
go-version-file: './go.mod'
cache-dependency-path: './go.sum'
check-latest: true
go-version: '>=1.20.6'
- name: golangci-lint
uses: golangci/golangci-lint-action@639cd343e1d3b897ff35927a75193d57cfcba299 # v3.6.0
with:
Expand All @@ -37,6 +38,7 @@ jobs:
go-version-file: './go.mod'
cache-dependency-path: './go.sum'
check-latest: true
go-version: '>=1.20.6'

- name: Run govulncheck
run: make audit
Expand All @@ -53,6 +55,7 @@ jobs:
go-version-file: './go.mod'
cache-dependency-path: './go.sum'
check-latest: true
go-version: '>=1.20.6'

- name: Build
run: make build
Expand Down Expand Up @@ -86,6 +89,7 @@ jobs:
go-version-file: './go.mod'
cache-dependency-path: './go.sum'
check-latest: true
go-version: '>=1.20.6'

- name: Login to Docker Hub
uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0
Expand Down
13 changes: 7 additions & 6 deletions .golangci.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -32,17 +32,18 @@ linters-settings:
- "!$test"
allow:
- $gostd
- github.com/spf13/cobra
- github.com/spf13/pflag
- github.com/spf13/viper
- github.com/mattn/go-isatty
- github.com/nwidger/jsoncolor
- github.com/oklog/ulid/v2
- github.com/openfga/cli
- github.com/openfga/go-sdk
- github.com/openfga/openfga
- github.com/mattn/go-isatty
- github.com/nwidger/jsoncolor
- github.com/spf13/cobra
- github.com/spf13/pflag
- github.com/spf13/viper
- go.buf.build/openfga/go/openfga/api
- github.com/oklog/ulid/v2
- google.golang.org/protobuf/encoding/protojson
- gopkg.in/yaml.v3
test:
files:
- "$test"
Expand Down
8 changes: 2 additions & 6 deletions .goreleaser.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ builds:
- darwin
ldflags:
- "-s -w"
- "-X github.com/openfga/cli/internal/build.Version=v{{ .Version }}"
- "-X github.com/openfga/cli/internal/build.Version={{ .Version }}"
- "-X github.com/openfga/cli/internal/build.Commit={{.Commit}}"
- "-X github.com/openfga/cli/internal/build.Date={{.Date}}"

Expand Down Expand Up @@ -135,11 +135,6 @@ brews:
test: |
system "#{bin}/fga version"
archives:
- rlcp: true
files:
- assets

checksum:
name_template: 'checksums.txt'

Expand All @@ -152,3 +147,4 @@ changelog:
exclude:
- '^docs:'
- '^test:'
- '^chore'
16 changes: 16 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
# Changelog

## v0.1.0-beta

### [0.1.0-beta](https://github.com/openfga/go-sdk/releases/tag/v0.1.0-beta) (2023-07-11)

Initial OpenFGA CLI release
- Support for [OpenFGA](https://github.com/openfga/openfga) API
- Create, read, list and delete stores
- Create, read, list and validate authorization models
- Write, delete, read and import tuples
- Read tuple changes
- Run authorization checks
- List objects a user has access to
- List relations a user has on an object
- Use Expand to understand why access was granted
98 changes: 79 additions & 19 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -200,11 +200,11 @@ fga store **delete**

* `model`

| Description | command | parameters | example |
|-------------------------------------------------------------------------|---------|----------------------------|-------------------------------------------------------------------------------------------------------------|
| [Read Authorization Models](#read-authorization-models) | `list` | `--store-id` | `fga model list --store-id=01H0H015178Y2V4CX10C2KGHF4` |
| [Write Authorization Model ](#write-authorization-model) | `write` | `--store-id` | `fga model write --store-id=01H0H015178Y2V4CX10C2KGHF4 '{"schema_version":"1.1","type_definitions":[...]}'` |
| [Read a Single Authorization Model](#read-a-single-authorization-model) | `get` | `--store-id`, `--model-id` | `fga model get --store-id=01H0H015178Y2V4CX10C2KGHF4 --model-id=01GXSA8YR785C4FYS3C0RTG7B1` |
| Description | command | parameters | example |
|-------------------------------------------------------------------------|---------|----------------------------|---------------------------------------------------------------------------------------------|
| [Read Authorization Models](#read-authorization-models) | `list` | `--store-id` | `fga model list --store-id=01H0H015178Y2V4CX10C2KGHF4` |
| [Write Authorization Model ](#write-authorization-model) | `write` | `--store-id`, `--file` | `fga model write --store-id=01H0H015178Y2V4CX10C2KGHF4 --file=model.json` |
| [Read a Single Authorization Model](#read-a-single-authorization-model) | `get` | `--store-id`, `--model-id` | `fga model get --store-id=01H0H015178Y2V4CX10C2KGHF4 --model-id=01GXSA8YR785C4FYS3C0RTG7B1` |

##### Read Authorization Models

Expand Down Expand Up @@ -239,19 +239,16 @@ fga model **write**

###### Parameters
* `--store-id`: Specifies the store id
* `--file`: Specifies the file containing the model in JSON format

###### Example
`fga model write --store-id=01H0H015178Y2V4CX10C2KGHF4 '{"type_definitions": [ { "type": "user" }, { "type": "document", "relations": { "can_view": { "this": {} } }, "metadata": { "relations": { "can_view": { "directly_related_user_types": [ { "type": "user" } ] }}}} ], "schema_version": "1.1"}'`
* `fga model write --store-id=01H0H015178Y2V4CX10C2KGHF4 --file=model.json`
* `fga model write --store-id=01H0H015178Y2V4CX10C2KGHF4 '{"type_definitions": [ { "type": "user" }, { "type": "document", "relations": { "can_view": { "this": {} } }, "metadata": { "relations": { "can_view": { "directly_related_user_types": [ { "type": "user" } ] }}}} ], "schema_version": "1.1"}'`

###### JSON Response
```json5
{
"schema_version": "1.1",
"id": "01GXSA8YR785C4FYS3C0RTG7B1",
"type_definitions": [
{"type": "user"},
// { ... }
],
"authorization_model_id":"01GXSA8YR785C4FYS3C0RTG7B1"
}
```

Expand Down Expand Up @@ -336,13 +333,13 @@ fga model **validate**

* `tuple`

| Description | command | parameters | example |
|-----------------------------------------------------------------------------------|-----------|----------------------------|---------------------------------------------------------------------------------------------------------|
| [Write Relationship Tuples](#write-relationship-tuples) | `write` | `--store-id`, `--model-id` | `fga tuple write --store-id=01H0H015178Y2V4CX10C2KGHF4 '{"schema_version":"1.1","type_definitions":[...]}'` |
| [Delete Relationship Tuples](#delete-relationship-tuples) | `delete` | `--store-id`, `--model-id` | `fga tuple delete --store-id=01H0H015178Y2V4CX10C2KGHF4` |
| [Read Relationship Tuples](#read-relationship-tuples) | `read` | `--store-id`, `--model-id` | `fga tuple read --store-id=01H0H015178Y2V4CX10C2KGHF4 --model-id=01GXSA8YR785C4FYS3C0RTG7B1` |
| [Read Relationship Tuple Changes (Watch)](#read-relationship-tuple-changes-watch) | `changes` | `--store-id`, `--model-id` | `fga tuple changes --store-id=01H0H015178Y2V4CX10C2KGHF4 --model-id=01GXSA8YR785C4FYS3C0RTG7B1` |
| [Import Relationship Tuples](#import-relationship-tuplesl) | `import` | `--store-id`, `--model-id` | `fga tuple import --store-id=01H0H015178Y2V4CX10C2KGHF4 --model-id=01GXSA8YR785C4FYS3C0RTG7B1` |
| Description | command | parameters | example |
|-----------------------------------------------------------------------------------|-----------|--------------------------------------|-------------------------------------------------------------------------------------------------------------------|
| [Write Relationship Tuples](#write-relationship-tuples) | `write` | `--store-id`, `--model-id` | `fga tuple write --store-id=01H0H015178Y2V4CX10C2KGHF4 '{"schema_version":"1.1","type_definitions":[...]}'` |
| [Delete Relationship Tuples](#delete-relationship-tuples) | `delete` | `--store-id`, `--model-id` | `fga tuple delete --store-id=01H0H015178Y2V4CX10C2KGHF4` |
| [Read Relationship Tuples](#read-relationship-tuples) | `read` | `--store-id`, `--model-id` | `fga tuple read --store-id=01H0H015178Y2V4CX10C2KGHF4 --model-id=01GXSA8YR785C4FYS3C0RTG7B1` |
| [Read Relationship Tuple Changes (Watch)](#read-relationship-tuple-changes-watch) | `changes` | `--store-id`, `--model-id` | `fga tuple changes --store-id=01H0H015178Y2V4CX10C2KGHF4 --model-id=01GXSA8YR785C4FYS3C0RTG7B1` |
| [Import Relationship Tuples](#import-relationship-tuplesl) | `import` | `--store-id`, `--model-id`, `--file` | `fga tuple import --store-id=01H0H015178Y2V4CX10C2KGHF4 --model-id=01GXSA8YR785C4FYS3C0RTG7B1 --file=tuples.json` |

##### Write Relationship Tuples

Expand Down Expand Up @@ -443,6 +440,69 @@ fga tuple **changes** --type <type> --store-id=<store-id>
}
```

##### Import Relationship Tuples

###### Command
fga tuple **import** --store-id=<store-id> [--model-id=<model-id>] --file=<filename> [--max-tuples-per-write=<num>] [--max-parallel-requests=<num>]

###### Parameters
* `--store-id`: Specifies the store id
* `--model-id`: Specifies the model id to target (optional)
* `--file`: Specifies the file name, `yaml` and `json` files are supported
* `--max-tuples-per-write`: Max tuples to send in a single write (optional, default=20)
* `--max-parallel-requests`: Max requests to send in parallel (optional, default=4)

File format should be:
In YAML:
```yaml
- user: user:anne
relation: can_view
object: document:roadmap
- user: user:beth
relation: can_view
object: document:roadmap
```
In JSON:
```json
[{
"user": "user:anne",
"relation": "can_view",
"object": "document:roadmap"
}, {
"user": "user:beth",
"relation": "can_view",
"object": "document:roadmap"
}]
```

###### Example
`fga tuple import --store-id=01H0H015178Y2V4CX10C2KGHF4 --file tuples.json`

###### JSON Response
```json5
{
"successful": [
{
"object":"document:roadmap",
"relation":"writer",
"user":"user:annie"
}
],
"failed": [
{
"tuple_key": {
"object":"document:roadmap",
"relation":"writer",
"user":"carl"
},
"reason":"Write validation error ..."
}
]
}
```

#### Relationship Queries

- `query`
Expand Down
26 changes: 23 additions & 3 deletions cmd/model/write.go
Original file line number Diff line number Diff line change
Expand Up @@ -47,8 +47,8 @@ func write(fgaClient client.SdkClient, text string) (*client.ClientWriteAuthoriz
var writeCmd = &cobra.Command{
Use: "write",
Short: "Write Authorization Model",
Args: cobra.ExactArgs(1),
Example: `fga model write --store-id=01H0H015178Y2V4CX10C2KGHF4 '{"type_definitions": [ { "type": "user" }, { "type": "document", "relations": { "can_view": { "this": {} } }, "metadata": { "relations": { "can_view": { "directly_related_user_types": [ { "type": "user" } ] }}}} ], "schema_version": "1.1"}'`, //nolint:lll
Args: cobra.MaximumNArgs(1),
Example: `fga model write --store-id=01H0H015178Y2V4CX10C2KGHF4 --file=model.json`,
RunE: func(cmd *cobra.Command, args []string) error {
clientConfig := cmdutils.GetClientConfig(cmd)

Expand All @@ -57,7 +57,26 @@ var writeCmd = &cobra.Command{
return fmt.Errorf("failed to initialize FGA Client due to %w", err)
}

response, err := write(fgaClient, args[0])
fileName, err := cmd.Flags().GetString("file")
if err != nil {
return fmt.Errorf("failed to parse file name due to %w", err)
}

var inputModel string
if fileName != "" {
file, err := os.ReadFile(fileName)
if err != nil {
return fmt.Errorf("failed to read file %s due to %w", fileName, err)
}
inputModel = string(file)
} else {
if len(args) == 0 || args[0] == "-" {
return cmd.Help() //nolint:wrapcheck
}
inputModel = args[0]
}

response, err := write(fgaClient, inputModel)
if err != nil {
return err
}
Expand All @@ -68,6 +87,7 @@ var writeCmd = &cobra.Command{

func init() {
writeCmd.Flags().String("store-id", "", "Store ID")
writeCmd.Flags().String("file", "", "File Name. The file should have the model in the JSON format")

if err := writeCmd.MarkFlagRequired("store-id"); err != nil {
fmt.Printf("error setting flag as required - %v: %v\n", "cmd/models/write", err)
Expand Down
Loading

0 comments on commit c6299c5

Please sign in to comment.