Modeling Hierarchy with Attribute Scopes
In this article, you will learn how to model relationships and arbitrarily deep hierarchy between objects in your system with attribute scopes. By the end of this article, you will understand the fundamentals of modeling:
- Folder-like structures where objects contain other objects (ad infinitum)
- Organizational structures where users can be members of different teams
- Social structures like families and friends of friends
The article assumes you know what object, edges, attributes and permissions are. For more detail, see our Key Concepts article.
Attribute Scopes
Attributes give one object permissions on another object. Each attribute has an attribute name (like edit
) and an attribute scope. The value describes the permission and the scope describes which two objects are affected by the attribute. There are three scopes of attribute: direct, inherit and propagate.
Direct Attributes
The direct scope is the simplest attribute scope. It gives the source object the permission on the target object. It is used for non-hierarchical relationships.
Inherit Attributes
The inherit attribute scope states:
Inherit: if the target object has the attribute on a third object, the source object ‘inherits’ that attribute on the third object.
Inherit attributes are used to pass a permission from one user or group to another. In the example below, Gloria is a member of a department that owns a particular project. This is modeled by giving the department direct view access on the project, and passing that view access to Gloria with an inherit attribute.
Propagate Attributes
The propagate attribute scope states:
Propagate: if a third object has the attribute on the source object, the third object also gets the attribute on the target object
Propagate attributes are used to propagate permissions down a hierarchy of nested resources. In the example below, Ajay owns a folder and has view access to that folder. Ajay is given view access to all files inside the folder with a propagate attribute.
Updated 6 months ago