larvit/plainpages
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Comment/README cleanup (todo §4); tighten the kratos/keto client module-headers (drop forward-refs + caller-listings, keep rationale), retarget the stale safeUrl() ref in plugin-contract.md to §5/§7

Browse Source
This commit is contained in:
Lilleman auf Larv
2026-06-18 11:52:49 +02:00
parent caadaf5da3
commit d1fbf8fa1f
5 changed files with 13 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/keto-client.ts
View File

@@ -1,9 +1,8 @@
// Keto client (todo §4): typed `fetch` wrappers over Ory Keto's relation-tuple APIs —
// `check` a permission, `listRelations`/`expand` to inspect them (read API), and
// `writeTuple`/`deleteTuple` to grant/revoke them (write API). Built-in `fetch` only, no
// SDK dep (AGENTS.md); `fetchImpl`-injectable like the kratos clients. read/write split
// onto the two ports config.ts targets (ketoReadUrl 4466 / ketoWriteUrl 4467). The login
// role projection (§4) reads roles via this; guards' live `check` (§4) calls `check`.
// `check` a permission, `listRelations`/`expand` to inspect them (read API), `writeTuple`/
// `deleteTuple` to grant/revoke them (write API). Built-in `fetch` only, no SDK dep (AGENTS.md);
// `fetchImpl`-injectable like the kratos clients. Read/write split onto the two ports config.ts
// targets (ketoReadUrl 4466 / ketoWriteUrl 4467).
// A subject set: a relation on another object (e.g. Group:eng#members), resolved
// transitively. The other Keto subject form is a direct `subject_id` string.