go get buf.build/gen/go/permifyco/permify/protocolbuffers/go/base/v1
go get github.com/Permify/permify-go
import (
permify_payload "buf.build/gen/go/permifyco/permify/protocolbuffers/go/base/v1"
permify_grpc "github.com/Permify/permify-go/grpc"
)
// generate new client
client, err := permify_grpc.NewClient(
permify_grpc.Config{
Endpoint: `localhost:3478`,
},
grpc.WithTransportCredentials(insecure.NewCredentials()),
)
ct, err := client.Tenancy.Create(context.Background(), &permify_payload.TenantCreateRequest{
Id: "t1",
Name: "tenant 1",
})
sr, err: = client.Schema.Write(context.Background(), &permify_payload.SchemaWriteRequest {
TenantId: "t1",
Schema: `
entity user {}
entity document {
relation viewer @user
action view = viewer
}`,
})
rr, err := client.Data.WriteRelationships(context.Background(), & permify_payload.RelationshipWriteRequest {
TenantId: "t1",
Metadata: & permify_payload.RelationshipWriteRequestMetadata {
SchemaVersion: sr.SchemaVersion, // sr --> schema write response
},
Tuples: [] * permify_payload.Tuple {
{
Entity: & permify_payload.Entity {
Type: "document",
Id: "1",
},
Relation: "viewer",
Subject: & permify_payload.Subject {
Type: "user",
Id: "1",
},
}, {
Entity: & permify_payload.Entity {
Type: "document",
Id: "3",
},
Relation: "viewer",
Subject: & permify_payload.Subject {
Type: "user",
Id: "1",
},
}
},
})
cr, err := client.Permission.Check(context.Background(), & permify_payload.PermissionCheckRequest {
TenantId: "t1",
Metadata: & permify_payload.PermissionCheckRequestMetadata {
SnapToken: rr.SnapToken, // rr --> relationship write response
SchemaVersion: sr.SchemaVersion, // sr --> schema write response
Depth: 50,
},
Entity: & permify_payload.Entity {
Type: "document",
Id: "1",
},
Permission: "view",
Subject: & permify_payload.Subject {
Type: "user",
Id: "3",
},
})
if (cr.can == PermissionCheckResponse_Result.RESULT_ALLOWED) {
// RESULT_ALLOWED
} else {
// RESULT_DENIED
}
str, err := client.Permission.LookupEntityStream(context.Background(), & permify_payload.PermissionLookupEntityRequest {
TenantId: "t1",
Metadata: & permify_payload.PermissionLookupEntityRequestMetadata {
SnapToken: rr.SnapToken, // rr --> relationship write response
SchemaVersion: sr.SchemaVersion, // sr --> schema write response
Depth: 50,
},
EntityType: "document",
Permission: "view",
Subject: & permify_payload.Subject {
Type: "user",
Id: "1",
},
})
// handle stream response
for {
res, err: = str.Recv()
if err == io.EOF {
break
}
// res.EntityId
}
Permify is an open-source authorization service for creating and maintaining fine-grained authorizations across your individual applications and services.
Join our Discord channel for issues, feature requests, feedbacks or anything else. We love to talk about authorization and access control ❤️