Merge pull request #313 from aserto-dev/model-v2

Model V2
aserto-dev · Feb 23, 2024 · 9e4ac65 · 9e4ac65
2 parents 3b4c337 + 90b83e2
commit 9e4ac65
Show file tree

Hide file tree

Showing 82 changed files with 3,076 additions and 2,530 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -2,8 +2,15 @@ FROM alpine
 
 RUN apk add --no-cache bash tzdata
 
+RUN mkdir /config && \
+    mkdir /certs && \
+    mkdir /db && \
+    mkdir /decisions
+VOLUME ["/config", "/certs", "/db", "/decisions"]
+
 WORKDIR /app
 
 COPY dist/topaz*_linux_amd64_v1/topaz* /app/
 
 ENTRYPOINT ["./topazd"]
+CMD ["run", "-c", "/config/config.yaml"]
diff --git a/Dockerfile.goreleaser b/Dockerfile.goreleaser
@@ -2,8 +2,15 @@ FROM alpine
 
 RUN apk add --no-cache bash tzdata
 
+RUN mkdir /config && \
+    mkdir /certs && \
+    mkdir /db && \
+    mkdir /decisions
+VOLUME ["/config", "/certs", "/db", "/decisions"]
+
 WORKDIR /app
 
 COPY topaz* /app/
 
 ENTRYPOINT ["./topazd"]
+CMD ["run", "-c", "/config/config.yaml"]
diff --git a/assets/citadel/citadel_relations.json b/assets/citadel/citadel_relations.json
@@ -119,6 +119,14 @@
       "subject_type": "user",
       "subject_id": "[email protected]"
     },
+    {
+      "object_type": "group",
+      "object_id": "editor",
+      "relation": "member",
+      "subject_type": "group",
+      "subject_id": "admin",
+      "subject_relation": "member"
+    },
     {
       "object_type": "group",
       "object_id": "evil_genius",
@@ -139,6 +147,14 @@
       "relation": "member",
       "subject_type": "user",
       "subject_id": "[email protected]"
+    },
+    {
+      "object_type": "group",
+      "object_id": "viewer",
+      "relation": "member",
+      "subject_type": "group",
+      "subject_id": "editor",
+      "subject_relation": "member"
     }
   ]
 }
diff --git a/assets/citadel/ds-load/citadel.json b/assets/citadel/ds-load/citadel.json
@@ -304,6 +304,14 @@
         "subject_type": "user",
         "subject_id": "[email protected]"
       },
+      {
+        "object_type": "group",
+        "object_id": "editor",
+        "relation": "member",
+        "subject_type": "group",
+        "subject_id": "admin",
+        "subject_relation": "member"
+      },
       {
         "object_type": "group",
         "object_id": "evil_genius",
@@ -324,6 +332,14 @@
         "relation": "member",
         "subject_type": "user",
         "subject_id": "[email protected]"
+      },
+      {
+        "object_type": "group",
+        "object_id": "viewer",
+        "relation": "member",
+        "subject_type": "group",
+        "subject_id": "editor",
+        "subject_relation": "member"
       }
     ]
   }

diff --git a/assets/citadel/manifest.yaml b/assets/citadel/manifest.yaml
@@ -27,5 +27,5 @@ types:
   group:
     relations:
       ### display_name: group#member ###
-      member: user
+      member: user | group#member
 
diff --git a/assets/gdrive.json b/assets/gdrive.json
@@ -2,17 +2,21 @@
     "name": "gdrive",
     "description": "Google Drive",
     "assets": {
-        "manifest": "simple-rbac/manifest.yaml",
+        "manifest": "gdrive/manifest.yaml",
         "policy": {
             "name": "gdrive",
             "resource": "ghcr.io/aserto-policies/policy-rebac:latest"
         },
         "idp_data": [
-            "gdrive/gdrive_objects.json",
-            "gdrive/gdrive_relations.json"
+            "citadel/citadel_objects.json",
+            "citadel/citadel_relations.json"
         ],
         "domain_data": [
+            "gdrive/gdrive_objects.json",
+            "gdrive/gdrive_relations.json"
         ],
-        "assertions": []
+        "assertions": [
+            "gdrive/test/gdrive_assertions.json"
+        ]
     }
 }