kevin/baron-sso
1
0
Fork 0
forked from baron/baron-sso
Code Pull Requests Activity

애플리케이션(RP) 관리 기능 구현 및 Ory Keto 권한 연동

Browse Source
This commit is contained in:
조찬영
2026-02-04 14:56:16 +09:00
parent bf469b1eb4
commit 066ea86f46
14 changed files with 232 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
docker/ory/keto/namespaces.ts
View File

@@ -2,6 +2,18 @@ import { Namespace, Subject, Context, SubjectSet } from "@ory/keto-definitions"
class User implements Namespace {}
class UserGroup implements Namespace {
related: {
members: User[]
parent_tenant: Tenant[]
}
permits = {
check_member: (ctx: Context): boolean =>
this.related.members.includes(ctx.subject)
}
}
class Tenant implements Namespace {
related: {
admins: User[]
@@ -26,7 +38,7 @@ class Tenant implements Namespace {
class RelyingParty implements Namespace {
related: {
owners: User[]
owners: (User | SubjectSet<UserGroup, "members">)[]
parent_tenant: Tenant[]
}
@@ -50,4 +62,4 @@ class System implements Namespace {
manage_all: (ctx: Context): boolean =>
this.related.super_admins.includes(ctx.subject)
}
}
}