access-controller icon indicating copy to clipboard operation
access-controller copied to clipboard
verified publisher icon authorizer-tech

feat: add Lookup API to lookup the relations a subject has to one or more objects

Open jon-whit opened this issue 4 years ago • 2 comments

Given one or more relations and a subject, the goal of the Lookup API is to determine the object(s) for which the user has the given relation(s). The query should resolve by starting at the subject node in the Graph of Relations and doing a reverse traversal until all of the object nodes of the graph have been reached from the initial subject node.

jon-whit avatar Jul 21 '21 01:07 jon-whit

Sounds like similar to https://docs.authzed.com/v0/api/#aclservicelookup, right?

kevinz avatar Aug 04 '21 23:08 kevinz

Sounds like similar to https://docs.authzed.com/v0/api/#aclservicelookup, right?

Yep, same idea. The goal is to be able to lookup a subjects specific relations to one or more objects in one or more namespaces. This differs from the Expand API which returns all subjects and subject sets having a certain relation to an object.

The lookup API will be better suited for front-end UI component filtering and authorization filtering, just to two name two examples.

jon-whit avatar Aug 05 '21 05:08 jon-whit