Proposal: Reflection APIs for SpiceDB #1505
Labels
area/api v1
Affects the v1 API
area/tooling
Affects the dev or user toolchain (e.g. tests, ci, build tools)
kind/proposal
Something fundamentally needs to change
state/gauging interest
This needs to be championed before being worked on
state/needs discussion
This can't be worked on yet
A number of issues have been filed within SpiceDB around the ability to reflect upon schema and its types:
#613
#439
#1173
The following is a proposal for a series of new APIs to provide these reflection capabilities over schema, to be added to the
v1.schema
package.Important
These APIs will operate solely over the structure of schema and not over any data; computation of data-based answers is done via APIs such as CheckPermission, LookupResources, etc
Schema Reflection API
schema.ReflectSchema
will provide a means for basic structural reflection of the entire schema, including metadata such as commentsSee: #439
ComputablePermissions API
schema.ComputablePermissions
provides a means for accessing the reachability graph and determining all permissions which are reachable from one (or more) relations. This walks from relations->permissions, upward through the schema.This + batch check can resolve: #1173
DependentRelations API
schema.DependentRelations
will provides a means for accessing the reachability graph and determining all relations which are reachable from a permission. This walks downward from permissions->relations.See: #613
The text was updated successfully, but these errors were encountered: