SpiceDb 1.2.2

There is a newer version of this package available.
See the version list below for details.

dotnet add package SpiceDb --version 1.2.2

NuGet\Install-Package SpiceDb -Version 1.2.2

This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.

<PackageReference Include="SpiceDb" Version="1.2.2" />

For projects that support PackageReference, copy this XML node into the project file to reference the package.

paket add SpiceDb --version 1.2.2

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

#r "nuget: SpiceDb, 1.2.2"

#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.

// Install SpiceDb as a Cake Addin
#addin nuget:?package=SpiceDb&version=1.2.2

// Install SpiceDb as a Cake Tool
#tool nuget:?package=SpiceDb&version=1.2.2

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

SpiceDb

Simple SpiceDb client based on SpiceDB.Hierarchical.UI - Works with AuthZed

https://github.com/MaheshBailwal/SpiceDB.Hierarchical.UI

Available on Nuget at https://www.nuget.org/packages/SpiceDb

Usage

Install

Install the package using NuGet
Install-Package SpiceDb

Example Using UserSecrets


using Microsoft.Extensions.Configuration;
using SpiceDb.Example;
using SpiceDb.Example.MyObjects;
using SpiceDb.Models;

// This is just to keep the server address and token private
var builder = new ConfigurationBuilder()
	.AddUserSecrets(typeof(Secrets).Assembly)
	.AddEnvironmentVariables();
var configurationRoot = builder.Build();

var secrets = configurationRoot.GetSection("AuthZed").Get<Secrets>();

if (secrets is null)
	throw new ArgumentException("Invalid secrets configuration");

// var serverAddress = "https://grpc.authzed.com";
var client = new SpiceDbClient(secrets.ServerAddress, secrets.Token);

// Add relationship where user:bob is a reader of document:firstdoc
client.AddRelationship("arch/document:firstdoc#reader@arch/user:bob");
client.AddRelationship(new Relationship("arch/document:firstdoc", "reader", "arch/user:jacob"));

// This approach uses a little syntactic sugar to define each of the relations
client.AddRelationship(ZedUser.WithId("carmella").CanRead(ZedDocument.WithId("firstdoc")));

// Check to see if user:bob is in fact now a reader of document:firstdoc
var bobCanRead = client.CheckPermission(new Permission("arch/document:firstdoc#reader@arch/user:bob"));

Console.WriteLine($"Can user bob read document:firstdoc? {bobCanRead.HasPermission}");
// true

// Check to see if user:carmella is in fact now a reader of document:firstdoc
var carmellaCanRead = client.CheckPermission(ZedUser.WithId("carmella").CanRead(ZedDocument.WithId("firstdoc")));

Console.WriteLine($"Can user carmella read document:firstdoc? {carmellaCanRead.HasPermission}");
// true

API Methods


/// <summary>
/// ReadRelationships reads a set of the relationships matching one or more filters.
/// </summary>
/// <param name="resource"></param>
/// <param name="subject"></param>
/// <param name="zedToken"></param>
/// <param name="cacheFreshness"></param>
/// <returns></returns>
IAsyncEnumerable<SpiceDb.Models.ReadRelationshipsResponse> ReadRelationshipsAsync(Models.RelationshipFilter resource, Models.RelationshipFilter? subject = null,
	ZedToken? zedToken = null,
	CacheFreshness cacheFreshness = CacheFreshness.AnyFreshness);

/// <summary>
/// WriteRelationships atomically writes and/or deletes a set of specified relationships. An optional set of
/// preconditions can be provided that must be satisfied for the operation to commit.
/// </summary>
/// <param name="relationships"></param>
/// <returns></returns>
Task<ZedToken?> WriteRelationshipsAsync(List<SpiceDb.Models.RelationshipUpdate>? relationships, List<SpiceDb.Models.Precondition>? preconditions = null);

/// <summary>
/// Checks whether the permission exists or not. Contains support for context as well where context objects
/// can be string, bool, double, int, uint, or long.
/// </summary>
/// <param name="permission">Permission relationship to evaluate</param>
/// <param name="context">Additional context information that may be needed for evaluating caveats</param>
/// <param name="zedToken"></param>
/// <returns></returns>
Task<PermissionResponse> CheckPermissionAsync(SpiceDb.Models.Permission permission, Dictionary<string, object>? context = null, ZedToken? zedToken = null, CacheFreshness cacheFreshness = CacheFreshness.AnyFreshness);

Task<PermissionResponse> CheckPermissionAsync(string permission, Dictionary<string, object>? context = null, ZedToken? zedToken = null, CacheFreshness cacheFreshness = CacheFreshness.AnyFreshness);
PermissionResponse CheckPermission(SpiceDb.Models.Permission permission, Dictionary<string, object>? context = null, ZedToken? zedToken = null, CacheFreshness cacheFreshness = CacheFreshness.AnyFreshness);
PermissionResponse CheckPermission(string permission, Dictionary<string, object>? context = null, ZedToken? zedToken = null, CacheFreshness cacheFreshness = CacheFreshness.AnyFreshness);

/// <summary>
/// ExpandPermissionTree reveals the graph structure for a resource's permission or relation. This RPC does not recurse infinitely
/// deep and may require multiple calls to fully unnest a deeply nested graph.
/// </summary>
/// <param name="resource"></param>
/// <param name="permission"></param>
/// <param name="zedToken"></param>
/// <param name="cacheFreshness"></param>
/// <returns></returns>
Task<ExpandPermissionTreeResponse?> ExpandPermissionAsync(ResourceReference resource, string permission, ZedToken? zedToken = null, CacheFreshness cacheFreshness = CacheFreshness.AnyFreshness);

Task<ZedToken> AddRelationshipAsync(SpiceDb.Models.Relationship relation);
Task<ZedToken> AddRelationshipAsync(string relation);
ZedToken AddRelationship(SpiceDb.Models.Relationship relation);
ZedToken AddRelationship(string relation);
Task<ZedToken> DeleteRelationshipAsync(SpiceDb.Models.Relationship relation);

/// <summary>
/// LookupSubjects returns all the subjects of a given type that have access whether via a computed permission or relation membership.
/// </summary>
/// <param name="resource">Resource is the resource for which all matching subjects for the permission or relation will be returned.</param>
/// <param name="permission">permission is the name of the permission (or relation) for which to find the subjects</param>
/// <param name="subjectType">subjecttype is the type of subject object for which the IDs will be returned</param>
/// <param name="optionalSubjectRelation">optionalSubjectRelation is the optional relation for the subject.</param>
/// <param name="context">context consists of named values that are injected into the caveat evaluation context *</param>
/// <param name="zedToken"></param>
/// <param name="cacheFreshness"></param>
/// <returns></returns>
IAsyncEnumerable<SpiceDb.Models.LookupSubjectsResponse> LookupSubjects(ResourceReference resource,
	string permission,
	string subjectType, string optionalSubjectRelation = "", 
	Dictionary<string, object>? context = null,
	ZedToken? zedToken = null, CacheFreshness cacheFreshness = CacheFreshness.AnyFreshness);

Task<List<string>> GetResourcePermissionsAsync(string resourceType, string permission, ResourceReference subject, ZedToken? zedToken = null, CacheFreshness cacheFreshness = CacheFreshness.AnyFreshness);
string ExportSchema();
Task ImportSchemaFromFileAsync(string filePath, string prefix = "");

/// <summary>
/// Imports an Authzed Playground compatible schema (not a yaml file, just the commented schema)
/// </summary>
/// <param name="schema"></param>
/// <param name="prefix"></param>
/// <returns></returns>
Task ImportSchemaFromStringAsync(string schema, string prefix = "");

Task<ZedToken?> ImportRelationshipsFromFileAsync(string filePath);
Task<ZedToken?> ImportRelationshipsAsync(string content);

Product	Compatible and additional computed target framework versions.
.NET	net7.0 is compatible. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed.

Product

.NET

Compatible target framework(s)

Included target framework(s) (in package)

Learn more about Target Frameworks and .NET Standard.

net7.0
- Google.Protobuf (>= 3.21.12)
- Grpc.Core (>= 2.46.6)
- Grpc.Net.Client (>= 2.51.0)
- Microsoft.Extensions.Configuration (>= 7.0.0)
- Microsoft.Extensions.Hosting (>= 7.0.0)
- YamlDotNet (>= 13.0.0)

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version	Downloads	Last updated
1.5.3	39,329	7/9/2024
1.5.2	15,390	5/20/2024
1.5.1	6,464	4/23/2024
1.5.0	4,037	4/11/2024
1.4.9	118	4/11/2024
1.4.8	100	4/11/2024
1.4.7	395	4/8/2024
1.4.6	102	4/8/2024
1.4.5	143	4/7/2024
1.4.4	124	4/6/2024
1.4.3	7,058	3/6/2024
1.4.2	136	2/21/2024
1.4.1	49,311	10/27/2023
1.4.0	2,632	8/17/2023
1.3.8	404	4/5/2023
1.3.7	233	4/5/2023
1.3.6	632	2/28/2023
1.3.5	276	2/21/2023
1.3.4	472	2/21/2023
1.3.3	267	2/20/2023
1.3.2	288	2/19/2023
1.2.8	288	2/17/2023
1.2.7	278	2/16/2023
1.2.5	274	2/16/2023
1.2.4	320	2/16/2023
1.2.2	296	2/16/2023
1.2.1	290	2/16/2023
1.2.0	265	2/16/2023
1.1.9	286	2/15/2023
1.1.8	324	2/15/2023
1.1.7	283	2/15/2023
1.1.6	270	2/15/2023
1.1.5	307	2/14/2023
1.1.4	312	2/14/2023
1.1.3	296	2/14/2023
1.1.2	302	2/14/2023
1.1.0	283	2/14/2023
1.0.7	309	2/14/2023
1.0.6	315	2/11/2023
1.0.5	307	2/11/2023
1.0.3	307	2/11/2023
1.0.1	301	2/11/2023
1.0.0	365	2/11/2023