github.com/authzed/spicedb@v1.32.1-0.20240520085336-ebda56537386/internal/services/integrationtesting/testconfigs/caveatip.yaml (about) 1 --- 2 schema: |+ 3 definition user {} 4 5 caveat is_valid_ip(user_ip ipaddress, cidr string) { 6 user_ip.in_cidr(cidr) 7 } 8 9 definition document { 10 relation viewer: user with is_valid_ip | user 11 permission view = viewer 12 } 13 14 relationships: >- 15 document:firstdoc#viewer@user:tom[is_valid_ip:{"cidr":"10.0.0.0/8"}] 16 17 document:firstdoc#viewer@user:sarah[is_valid_ip:{"cidr":"10.1.0.0/16"}] 18 19 document:firstdoc#viewer@user:tracy 20 assertions: 21 assertTrue: 22 - 'document:firstdoc#view@user:tracy' 23 - 'document:firstdoc#view@user:tom with {"user_ip": "10.2.3.4"}' 24 - 'document:firstdoc#view@user:sarah with {"user_ip": "10.1.3.4"}' 25 assertCaveated: 26 - 'document:firstdoc#view@user:tom' 27 - 'document:firstdoc#view@user:sarah' 28 assertFalse: 29 - 'document:firstdoc#view@user:tom with {"user_ip": "1.2.3.4"}' 30 - 'document:firstdoc#view@user:sarah with {"user_ip": "10.2.3.4"}'