From 0d01216313ae22f978a747510ce36d7c58c25932 Mon Sep 17 00:00:00 2001
From: Anukiran
Date: Fri, 18 Jul 2025 13:23:24 -0500
Subject: [PATCH 1/2] add new permission to product type
---
.../tailordb_gql_permission_product.tf | 24 ++++++++++++
.../tailordb_product.tf | 39 ++++++++++++++++++-
2 files changed, 62 insertions(+), 1 deletion(-)
create mode 100644 docs/sample-inventory-management/tailordb_gql_permission_product.tf
diff --git a/docs/sample-inventory-management/tailordb_gql_permission_product.tf b/docs/sample-inventory-management/tailordb_gql_permission_product.tf
new file mode 100644
index 0000000..957d023
--- /dev/null
+++ b/docs/sample-inventory-management/tailordb_gql_permission_product.tf
@@ -0,0 +1,24 @@
+resource "tailor_tailordb_gql_permission" "product" {
+ workspace_id = tailor_workspace.demo.id
+ namespace = tailor_tailordb.demo.namespace
+ type = tailor_tailordb_type.example.name
+
+ policies = [
+ {
+ conditions = [
+ { left = { user = "role" }, operator = "eq", right = { value = { string = "ADMIN" } } }
+ ]
+ actions = ["all"]
+ permit = "allow"
+ description = "Administrators have full access to all GraphQL operations"
+ },
+ {
+ conditions = [
+ { left = { user = "_loggedIn" }, operator = "eq", right = { value = { boolean = true } } }
+ ]
+ actions = ["create", "read", "update"]
+ permit = "allow"
+ description = "Authenticated users can create, read, and update tasks"
+ },
+ ]
+}
\ No newline at end of file
diff --git a/docs/sample-inventory-management/tailordb_product.tf b/docs/sample-inventory-management/tailordb_product.tf
index 51aa934..eabbf0e 100644
--- a/docs/sample-inventory-management/tailordb_product.tf
+++ b/docs/sample-inventory-management/tailordb_product.tf
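Review bot: The second policy in tailordb_gql_permission_product.tf allows any logged-in user `create`, `read` and `update` over GraphQL, while the record-level `permission` block added to tailordb_product.tf in the same patch allows only `role == "ADMIN"` for every operation. If both layers must allow a request, the non-admin grant is dead configuration that would start admitting writes as soon as the type permission is relaxed; if they are evaluated independently, non-admin users may be able to modify products, so the evaluation order is worth confirming against the provider documentation. For least privilege, either drop that policy or narrow it to `actions = ["read"]` and state the intended non-admin access in its description. The descriptions here and in tailordb_product.tf also say "tasks" where the type is product, e.g. `description = "Authenticated users can read products"`.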
@@ -67,5 +67,42 @@ resource "tailor_tailordb_type" "product" { } } - type_permission = local.permission_everyone + permission = { + create = [ + { + conditions = [ + { left = { user = "role" }, operator = "eq", right = { value = { string = "ADMIN" } } } + ] + permit = "allow" + description = "Administrators can create any task" + }, + ] + read = [ + { + conditions = [ + { left = { user = "role" }, operator = "eq", right = { value = { string = "ADMIN" } } } + ] + permit = "allow" + description = "Administrators can read all tasks" + }, + ] + update = [ + { + conditions = [ + { left = { user = "role" }, operator = "eq", right = { value = { string = "ADMIN" } } } + ] + permit = "allow" + description = "Administrators can update any task" + }, + ] + delete = [ + { + conditions = [ + { left = { user = "role" }, operator = "eq", right = { value = { string = "ADMIN" } } } + ] + permit = "allow" + description = "Administrators can delete any task" + } + ] + } } From 3458f8221f6c67eda4b5e3ca959154c73a2c86f8 Mon Sep 17 00:00:00 2001 From: Anukiran Date: Fri, 18 Jul 2025 14:35:58 -0500 Subject: [PATCH 2/2] fix workspace id --- .../tailordb_gql_permission_product.tf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/sample-inventory-management/tailordb_gql_permission_product.tf b/docs/sample-inventory-management/tailordb_gql_permission_product.tf index 957d023..e8c3f4b 100644 --- a/docs/sample-inventory-management/tailordb_gql_permission_product.tf +++ b/docs/sample-inventory-management/tailordb_gql_permission_product.tf @@ -1,7 +1,7 @@ resource "tailor_tailordb_gql_permission" "product" { - workspace_id = tailor_workspace.demo.id - namespace = tailor_tailordb.demo.namespace - type = tailor_tailordb_type.example.name + workspace_id = tailor_workspace.ims.id + namespace = tailor_tailordb.ims.namespace + type = tailor_tailordb_type.product.name policies = [ {
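Review bot: The `permission` block added to tailordb_product.tf repeats the same `role == "ADMIN"` rule in four separate lists, so a later edit to one operation can leave the others out of step without it showing up in review. Defining the rule once in a `locals` block and referencing it from `create`, `read`, `update` and `delete` keeps the access rule in one place, the way the removed `local.permission_everyone` did; the local name in the sketch below is constructed. The check also relies on the `role` user attribute being set by the identity mapping rather than by anything a user can edit, which is not visible in this hunk and should be confirmed. Replacing `local.permission_everyone` removes read access for non-admin users, so any other part of the sample that reads products as a regular user should be checked. The resource body starts outside the hunk.

```hcl
locals {
  # Constructed name; place it next to the existing permission locals.
  product_admin_only = [
    {
      conditions = [
        { left = { user = "role" }, operator = "eq", right = { value = { string = "ADMIN" } } }
      ]
      permit      = "allow"
      description = "Administrators have full access to products"
    },
  ]
}

# … unchanged: resource "tailor_tailordb_type" "product" header and fields …
  permission = {
    create = local.product_admin_only
    read   = local.product_admin_only
    update = local.product_admin_only
    delete = local.product_admin_only
  }
```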