Open
Description
Preflight checklist
- I could not find a solution in the existing issues, docs, nor discussions.
- I agree to follow this project's Code of Conduct.
- I have read and am following this repository's Contribution Guidelines.
- I have joined the Ory Community Slack.
- I am signed up to the Ory Security Patch Newsletter.
Ory Network Project
https://gracious-hypatia-b9te8t22yp.projects.oryapis.com
Describe the bug
Following steps in this guide: https://www.ory.sh/docs/keto/modeling/create-permission-model
Created a bug here as the documentation should make clearer how to the setup relationships to make the permission model work.
Please let me know if I understand something fundamentally wrong about the way the permission model is supposed to work :)
Reproducing the bug
- Go the permission model page
- Copy code of
permissions-v5.ts - Go to https://console.ory.sh/projects/-/permissions/configuration
- Paste the code under "Permission Rules"
- Click save
- Go to relationships: https://console.ory.sh/projects/-/permissions/relationships
- Create the following two relationships:
userAisownersofFolder:folderAfolderAisparentsofDocument:docA- Make the following request: https://-.projects.oryapis.com/relation-tuples/check?namespace=Document&object=docA&relation=share&subject_id=userA&max-depth=100
Expected: /relation-tuples/check returns {"allowed": true}
Actual: /relation-tuples/check returns {"allowed": false}
Relevant log output
No response
Relevant configuration
No response
Version
v0.13.0-alpha.0
On which operating system are you observing this issue?
Ory Network
In which environment are you deploying?
Ory Network
Additional Context
Permission v3 and v4 don't work. Permission v5 works again (which is marked as optional) :D