WeaviateEx.API.RBAC.Scope (WeaviateEx v0.7.4)

View Source

Role scope permissions for fine-grained RBAC.

Scopes define the boundary of permissions, allowing you to restrict access to specific collections, tenants, or shards.

Examples

# All collections
scope = Scope.all_collections()

# Single collection
scope = Scope.collection("Article")

# Multiple collections
scope = Scope.collections(["Article", "Author"])

# Collection with tenant restriction
scope =
  Scope.collection("Article")
  |> Scope.with_tenants(["tenant-a", "tenant-b"])

# Use in permission
perm = Permission.new(:read, :data, scope: scope)

Summary

Types

t()

Functions

all_collections()

Creates a scope matching all collections.

collection(name)

Creates a scope for a single collection.

collections(names)

Creates a scope for multiple collections.

from_api(api)

Parses a scope from API response.

new(opts \\ [])

Creates a new scope with the given options.

to_api(scope)

Converts a scope to API format.

with_shards(scope, shards)

Adds shard restrictions to a scope.

with_tenants(scope, tenants)

Adds tenant restrictions to a scope.

Types

t()

@type t() :: %WeaviateEx.API.RBAC.Scope{
  collections: [String.t()] | :all | nil,
  shards: [String.t()] | :all | nil,
  tenants: [String.t()] | :all | nil
}

Functions

all_collections()

@spec all_collections() :: t()

Creates a scope matching all collections.

Example

Scope.all_collections()

collection(name)

@spec collection(String.t()) :: t()

Creates a scope for a single collection.

Example

Scope.collection("Article")

collections(names)

@spec collections([String.t()]) :: t()

Creates a scope for multiple collections.

Example

Scope.collections(["Article", "Author", "Comment"])

from_api(api)

@spec from_api(map() | nil) :: t() | nil

Parses a scope from API response.

Example

Scope.from_api(%{"collection" => "Article", "tenant" => "tenant-a"})

new(opts \\ [])

@spec new(keyword()) :: t()

Creates a new scope with the given options.

Options

  • :collections - List of collection names or :all
  • :tenants - List of tenant names or :all
  • :shards - List of shard names or :all

Examples

Scope.new(collections: :all)
Scope.new(collections: ["Article"], tenants: ["tenant-a"])

to_api(scope)

@spec to_api(t() | nil) :: map()

Converts a scope to API format.

Examples

Scope.all_collections() |> Scope.to_api()
# => %{"collection" => "*"}

Scope.collection("Article") |> Scope.to_api()
# => %{"collection" => "Article"}

with_shards(scope, shards)

@spec with_shards(t(), [String.t()] | :all) :: t()

Adds shard restrictions to a scope.

Example

Scope.collection("Article")
|> Scope.with_shards(["shard-0", "shard-1"])

with_tenants(scope, tenants)

@spec with_tenants(t(), [String.t()] | :all) :: t()

Adds tenant restrictions to a scope.

Examples

Scope.collection("Article")
|> Scope.with_tenants(["tenant-a"])

Scope.collection("Article")
|> Scope.with_tenants(:all)