Merge pull request #127 from holaplex/mpw/permissions-chart-update

add -collection- to keto namespace

Author: mpwsh

charts/hub-permissions/Chart.yaml

@@ -18,7 +18,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.4.1
+version: 0.4.2
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

charts/hub-permissions/policies/namespaces.keto.ts

@@ -131,6 +131,29 @@ class Drop implements Namespace {
   }
 }
 
+class Collection implements Namespace {
+  related: {
+    owners: User[]
+    editors: User[]
+    viewers: User[]
+    parents: Project[]
+  }
+
+  permits = {
+    view: (ctx: Context): boolean =>
+      this.related.viewers.includes(ctx.subject) ||
+      this.related.parents.traverse((parent) => parent.permits.view(ctx)) ||
+      this.permits.edit(ctx),
+    edit: (ctx: Context): boolean =>
+      this.related.editors.includes(ctx.subject) ||
+      this.related.parents.traverse((parent) => parent.permits.edit(ctx)) ||
+      this.permits.delete(ctx),
+    delete: (ctx: Context): boolean =>
+      this.related.owners.includes(ctx.subject) ||
+      this.related.parents.traverse((parent) => parent.permits.delete(ctx)),
+  }
+}
+
 class Project implements Namespace {
   related: {
     owners: User[]
@@ -175,4 +198,4 @@ class Organization implements Namespace {
       this.related.owners.includes(ctx.subject) ||
       this.related.parents.traverse((parent) => parent.permits.delete(ctx)),
   }
-}
+}