Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: expand GPRC service and CLI #383

Merged
merged 2 commits into from
Jan 4, 2021
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
442 changes: 442 additions & 0 deletions api/keto/acl/v1alpha1/expand_service.pb.go

Large diffs are not rendered by default.

71 changes: 71 additions & 0 deletions api/keto/acl/v1alpha1/expand_service.proto
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
syntax = "proto3";

package keto.acl.v1alpha1;

import "keto/acl/v1alpha1/acl.proto";

option go_package = "github.com/ory/keto/api/keto/acl/v1alpha1;acl";
option csharp_namespace = "Ory.Keto.Acl.V1Alpha1";
option java_multiple_files = true;
option java_outer_classname = "ExpandServiceProto";
option java_package = "sh.ory.keto.acl.v1alpha1";
option php_namespace = "Ory\\Keto\\Acl\\V1alpha1";

// The service that performs subject set expansion
// based on the stored Access Control Lists.
service ExpandService {
// Expands the subject set into a tree of subjects.
rpc Expand(ExpandRequest) returns (ExpandResponse);
}

// The request for a ExpandService.Expand rpc.
// Expands the given subject set.
message ExpandRequest {
// The subject to expand.
Subject subject = 1;
// The maximum depth of tree to build.
int32 max_depth = 2;
// Optional. Like reads, a expand is always evaluated at a
// consistent snapshot no earlier than the given snaptoken.
//
// Leave this field blank if you want to expand
// based on eventually consistent ACLs, benefiting from very
// low latency, but possibly slightly stale results.
//
// If the specified token is too old and no longer known,
// the server falls back as if no snaptoken had been specified.
//
// If not specified the server tries to build the tree
// on the best snapshot version where it is very likely that
// ACLs had already been replicated to all availability zones.
string snaptoken = 3;
}

// The response for a ExpandService.Expand rpc.
message ExpandResponse {
// The tree the requested subject set expands to.
// The requested subject set is the subject of the root.
SubjectTree tree = 1;
}

enum NodeType {
NODE_TYPE_UNSPECIFIED = 0;
// This node expands to a union of all children.
NODE_TYPE_UNION = 1;
// Not implemented yet.
NODE_TYPE_EXCLUSION = 2;
// Not implemented yet.
NODE_TYPE_INTERSECTION = 3;
// This node is a leaf and contains no children.
// Its subject is a SubjectID unless max_depth was reached.
NODE_TYPE_LEAF = 4;
}

message SubjectTree {
// The type of the node.
NodeType node_type = 1;
// The subject this node represents.
Subject subject = 2;
// The children of this node; not given if node_type == Leaf.
repeated SubjectTree children = 3;
}
97 changes: 97 additions & 0 deletions api/keto/acl/v1alpha1/expand_service_grpc.pb.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

64 changes: 64 additions & 0 deletions cmd/expand/root.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
package expand

import (
"fmt"

"github.com/ory/x/cmdx"
"github.com/spf13/cobra"

acl "github.com/ory/keto/api/keto/acl/v1alpha1"
"github.com/ory/keto/cmd/client"
"github.com/ory/keto/internal/expand"
)

const FlagMaxDepth = "max-depth"

func NewExpandCmd() *cobra.Command {
cmd := &cobra.Command{
Use: "expand <relation> <namespace> <object>",
Args: cobra.ExactArgs(3),
RunE: func(cmd *cobra.Command, args []string) error {
conn, err := client.GetGRPCConn(cmd)
if err != nil {
return nil
}
defer conn.Close()

maxDepth, err := cmd.Flags().GetInt32(FlagMaxDepth)
if err != nil {
return err
}

cl := acl.NewExpandServiceClient(conn)
resp, err := cl.Expand(cmd.Context(), &acl.ExpandRequest{
Subject: &acl.Subject{
Ref: &acl.Subject_Set{
Set: &acl.SubjectSet{
Relation: args[0],
Namespace: args[1],
Object: args[2],
},
},
},
MaxDepth: maxDepth,
})
if err != nil {
_, _ = fmt.Fprintf(cmd.ErrOrStderr(), "Error making the request: %s\n", err.Error())
return cmdx.FailSilently(cmd)
}

cmdx.PrintJSONAble(cmd, expand.TreeFromGRPC(resp.Tree))
return nil
},
}

client.RegisterRemoteURLFlag(cmd.Flags())
cmdx.RegisterJSONFormatFlags(cmd.Flags())
cmd.Flags().Int32P(FlagMaxDepth, "d", 100, "maximum depth of the tree")

return cmd
}

func RegisterCommandsRecursive(parent *cobra.Command) {
parent.AddCommand(NewExpandCmd())
}
2 changes: 1 addition & 1 deletion cmd/relationtuple/get.go
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ func newGetCmd() *cobra.Command {
return err
}

cmdx.PrintCollection(cmd, relationtuple.NewGRPCRelationCollection(resp.RelationTuples))
cmdx.PrintTable(cmd, relationtuple.NewGRPCRelationCollection(resp.RelationTuples))
return nil
},
}
Expand Down
3 changes: 3 additions & 0 deletions cmd/root.go
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,8 @@ import (
"path/filepath"
"runtime"

"github.com/ory/keto/cmd/expand"

"github.com/ory/keto/cmd/check"

"github.com/ory/keto/cmd/server"
Expand Down Expand Up @@ -50,6 +52,7 @@ func NewRootCmd() *cobra.Command {
migrate.RegisterCommandsRecursive(cmd)
server.RegisterCommandsRecursive(cmd)
check.RegisterCommandsRecursive(cmd)
expand.RegisterCommandsRecursive(cmd)

cmd.AddCommand(cmdx.Version(&config.Version, &config.Commit, &config.Date))

Expand Down
3 changes: 3 additions & 0 deletions cmd/server/serve.go
Original file line number Diff line number Diff line change
Expand Up @@ -84,6 +84,9 @@ on configuration options, open the configuration documentation:
checkS := check.NewGRPCServer(reg)
acl.RegisterCheckServiceServer(grpcServer, checkS)

expandS := expand.NewGRPCServer(reg)
acl.RegisterExpandServiceServer(grpcServer, expandS)

reg.Logger().WithField("addr", lis.Addr().String()).Info("serving GRPC")
if err := grpcServer.Serve(lis); err != nil {
_, _ = fmt.Fprintf(cmd.ErrOrStderr(), "%+v\n", err)
Expand Down
4 changes: 2 additions & 2 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,8 @@ module github.com/ory/keto

replace google.golang.org/protobuf v1.25.1-0.20201020201750-d3470999428b => google.golang.org/protobuf v1.25.0

replace github.com/ory/x => github.com/ory/x v0.0.172-0.20210102140819-6d303ca968d8

require (
github.com/HdrHistogram/hdrhistogram-go v1.0.1 // indirect
github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535 // indirect
Expand All @@ -15,7 +17,6 @@ require (
github.com/go-openapi/swag v0.19.5
github.com/go-openapi/validate v0.19.3
github.com/go-swagger/go-swagger v0.21.1-0.20200107003254-1c98855b472d
github.com/gobuffalo/packr v1.24.1 // indirect
github.com/gobuffalo/pop/v5 v5.3.1
github.com/golang/protobuf v1.4.3
github.com/gorilla/sessions v1.1.3
Expand All @@ -31,7 +32,6 @@ require (
github.com/pelletier/go-toml v1.8.0
github.com/pkg/errors v0.9.1
github.com/rs/cors v1.6.0
github.com/rubenv/sql-migrate v0.0.0-20190327083759-54bad0a9b051 // indirect
github.com/segmentio/objconv v1.0.1
github.com/shopspring/decimal v1.2.0 // indirect
github.com/sirupsen/logrus v1.6.0
Expand Down
Loading