Skip to content

GitHub Action for coverage analyses your Permify schema (Authorization Model) with their assertions

License

Notifications You must be signed in to change notification settings

Permify/permify-coverage-action

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace

Repository files navigation

Permify logo
Permify Schema Coverage GitHub Action

Permify Licence  Permify Discord Channel 

Screenshot 2023-06-13 at 11 30 03 PM

This repository executes the permify coverage command on the provided schema (authorization model), relationships (sample authorization data), and assertions (sample check queries and results). The analysis includes coverage assessments for both assertions and relationships.

You can find detailed information on this repository in the Testing & Validation part of our documentation.

Example Schema Validation YAML File

schema: >-
  entity user {}

  entity organization {

      relation admin @user
      relation member @user

      permission create_repository = (admin or member)
      permission delete = admin
  }

  entity repository {

      relation owner @user
      relation parent @organization

      permission push = owner
      permission read = (owner and (parent.admin and parent.member))
      permission delete = (parent.member and (parent.admin or owner))
  }

relationships:
  - "organization:1#admin@user:1"
  - "organization:1#member@user:1"
  - "repository:1#owner@user:1"

scenarios:
  - name: "scenario 1"
    description: "test description"
    checks:
      - entity: "repository:1"
        subject: "user:1"
        assertions:
          push : true
      - entity: "repository:2"
        subject: "user:1"
        assertions:
          push : false
      - entity: "repository:3"
        subject: "user:1"
        assertions:
          push : false

Usage

Add the action following your workflow:

  • With local file
steps:
  - uses: "permify/permify-coverage-action@v1"
    with:
      validationFile: "test.yaml"
      coverageRelationships: 80
      coverageAssertions: 80
  • With url
steps:
  - uses: "permify/permify-coverage-action@v1"
    with:
      validationFile: "https://gist.github.com/permify-bot/bb8f95acb64525d2a41688ae0a6f4274"
      coverageRelationships: 80
      coverageAssertions: 80

Permify is an open-source authorization service for creating and maintaining fine-grained authorizations across your individual applications and services.

Testing in Local

You can also test your new authorization model in your local (Permify clone) without using permify-coverage-action at all.

For that open up a new file and add a schema yaml file inside. Then build your project with, run make run command and run ./permify coverage {path of your schema validation file}.

If we use the above example schema validation file, after running ./permify coverage {path of your schema validation file} it gives a result on the terminal as:

Community & Support

Join our Discord channel for issues, feature requests, feedbacks or anything else. We love to talk about authorization and access control ❤️

permify | Discord permify | Twitter permify | Linkedin