github.com/authzed/spicedb@v1.32.1-0.20240520085336-ebda56537386/internal/services/integrationtesting/testconfigs/multipleexclusion.yaml

github.com/authzed/spicedb@v1.32.1-0.20240520085336-ebda56537386/internal/services/integrationtesting/testconfigs/multipleexclusion.yaml (about)

     1  ---
     2  schema: >-
     3    definition user {}
     4  
     5    definition resource {
     6      relation first: user
     7      relation second: user
     8      relation third: user
     9      permission exclusion1 = first - second - third
    10      permission exclusion2 = (first - second) - third
    11      permission exclusion3 = first - (second - third)
    12    }
    13  relationships: |
    14    // tom is just found for first
    15    resource:r0#first@user:tom
    16  
    17    // tom is always excluded
    18    resource:r1#first@user:tom
    19    resource:r1#second@user:tom
    20    resource:r1#third@user:tom
    21  
    22    // tom is excluded via second but not third
    23    resource:r2#first@user:tom
    24    resource:r2#second@user:tom
    25  
    26    // tom is excluded via third but not second
    27    resource:r3#first@user:tom
    28    resource:r3#third@user:tom
    29  assertions:
    30    assertTrue:
    31      - "resource:r0#exclusion1@user:tom"
    32      - "resource:r0#exclusion2@user:tom"
    33      - "resource:r0#exclusion3@user:tom"
    34      - "resource:r1#exclusion3@user:tom"
    35      - "resource:r3#exclusion3@user:tom"
    36    assertFalse:
    37      - "resource:r1#exclusion1@user:tom"
    38      - "resource:r1#exclusion2@user:tom"
    39      - "resource:r2#exclusion1@user:tom"
    40      - "resource:r2#exclusion2@user:tom"
    41      - "resource:r2#exclusion3@user:tom"
    42      - "resource:r3#exclusion1@user:tom"
    43      - "resource:r3#exclusion2@user:tom"