release: v0.2.5 with ListRelations and improved parallization (#12)

.github/workflows/main.yaml

@@ -11,7 +11,7 @@ jobs:
 
     strategy:
       matrix:
-        node-version: [14.x, 16.x, 18.x]
+        node-version: [14.x, 16.x, 18.x, 20.x]
 
     steps:
       - uses: actions/checkout@v3
@@ -76,7 +76,7 @@ jobs:
         run: npm ci
 
       - name: Publish to npm
-        run: npm publish
+        run: npm publish --provenance
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
 

.openapi-generator/FILES

@@ -4,8 +4,6 @@
 .github/CODEOWNERS
 .github/ISSUE_TEMPLATES/bug_report.md
 .github/ISSUE_TEMPLATES/feature_request.md
-.github/PULL_REQUEST_TEMPLATE.md
-.github/SECURITY.md
 .github/workflows/main.yaml
 .github/workflows/semgrep.yaml
 .gitignore
@@ -39,10 +37,8 @@ tests/tsconfig.spec.json
 tsconfig.json
 utils/assert-never.ts
 utils/chunk-array.ts
-utils/chunk-call.ts
 utils/generate-random-id.ts
 utils/index.ts
 utils/set-header-if-not-set.ts
 utils/set-not-enumerable-property.ts
-utils/sleep.ts
 validation.ts

.openapi-generator/VERSION

@@ -1 +1 @@
-6.3.0
+6.4.0

CHANGELOG.md

@@ -1,5 +1,15 @@
 # Changelog
 
+## v0.2.5
+
+### [0.2.5](https://github.com/openfga/js-sdk/compare/v0.2.4...v0.2.5) (2023-04-21)
+
+- feat(client): implement `listRelations` to check what relationships a user has with an object
+- feat!: `schema_version` is now required when calling `WriteAuthorizationModel`
+- fix(client): proper parallel limit for batch fns (BatchCheck, etc..)
+- chore(ci): publish provenance data
+- chore(deps): update dependencies
+
 ## v0.2.4
 
 ### [0.2.4](https://github.com/openfga/js-sdk/compare/v0.2.3...v0.2.4) (2023-03-09)

README.md

@@ -37,6 +37,7 @@ This is an autogenerated JavaScript SDK for OpenFGA. It provides a wrapper aroun
       - [Batch Check](#batch-check)
       - [Expand](#expand)
       - [List Objects](#list-objects)
+      - [List Relations](#list-relations)
     - [Assertions](#assertions)
       - [Read Assertions](#read-assertions)
       - [Write Assertions](#write-assertions)
@@ -228,8 +229,8 @@ const { authorization_models: authorizationModels } = await fgaClient.readAuthor
 
 /*
 authorizationModels = [
- { id: "1uHxCSuTP0VKPYSnkq1pbb1jeZw", type_definitions: [...] },
- { id: "GtQpMohWezFmIbyXxVEocOCxxgq", type_definitions: [...] }];
+ { id: "01GXSA8YR785C4FYS3C0RTG7B1", schema_version: "1.1", type_definitions: [...] },
+ { id: "01GXSBM5PVYHCJNRNKXMB4QZTW", schema_version: "1.1", type_definitions: [...] }];
 */
 ```
 
@@ -249,6 +250,7 @@ Create a new version of the authorization model.
 
 ```javascript
 const { authorization_model_id: id } = await fgaClient.writeAuthorizationModel({
+  schema_version: "1.1",
   type_definitions: [{
       type: "user",
     }, {
@@ -269,7 +271,7 @@ const { authorization_model_id: id } = await fgaClient.writeAuthorizationModel({
     } }],
 });
 
-// id = "1uHxCSuTP0VKPYSnkq1pbb1jeZw"
+// id = "01GXSA8YR785C4FYS3C0RTG7B1"
 ```
 
 ##### Read a Single Authorization Model
@@ -282,11 +284,11 @@ const { authorization_model_id: id } = await fgaClient.writeAuthorizationModel({
 const options = {};
 
 // To override the authorization model id for this request
-options.authorizationModelId = "1uHxCSuTP0VKPYSnkq1pbb1jeZw";
+options.authorizationModelId = "01GXSA8YR785C4FYS3C0RTG7B1";
 
 const { authorization_model: authorizationModel } = await fgaClient.readAuthorizationModel(options);
 
-// authorizationModel = { id: "1uHxCSuTP0VKPYSnkq1pbb1jeZw", type_definitions: [...] }
+// authorizationModel = { id: "01GXSA8YR785C4FYS3C0RTG7B1", schema_version: "1.1", type_definitions: [...] }
 ```
 
 ##### Read the Latest Authorization Model
@@ -300,7 +302,7 @@ Reads the latest authorization model (note: this ignores the model id in configu
 ```javascript
 const { authorization_model: authorizationModel } = await fgaClient.readLatestAuthorizationModel();
 
-// authorizationModel = { id: "1uHxCSuTP0VKPYSnkq1pbb1jeZw", type_definitions: [...] }
+// authorizationModel = { id: "01GXSA8YR785C4FYS3C0RTG7B1", schema_version: "1.1", type_definitions: [...] }
 ```
 
 #### Relationship Tuples
@@ -386,13 +388,13 @@ Create and/or delete relationship tuples to update the system state.
 
 ###### Transaction mode (default)
 
-By default, write runs in a transaction mode where any invalid operation (deleting a non-exiting tuple, creating an existing tuple, one of the tuples was invalid) or a server error will fail the entire operation.
+By default, write runs in a transaction mode where any invalid operation (deleting a non-existing tuple, creating an existing tuple, one of the tuples was invalid) or a server error will fail the entire operation.
 
 ```javascript
 const options = {};
 
 // To override the authorization model id for this request
-options.authorizationModelId = "1uHxCSuTP0VKPYSnkq1pbb1jeZw";
+options.authorizationModelId = "01GXSA8YR785C4FYS3C0RTG7B1";
 
 await fgaClient.write({
   writes: [{ user: "user:81684243-9356-4421-8fbf-a4f8d36aa31b", relation: "viewer", object: "document:roadmap" }],
@@ -408,11 +410,15 @@ await fgaClient.deleteTuples([{ user: "user:81684243-9356-4421-8fbf-a4f8d36aa31b
 
 ###### Non-transaction mode
 
-The SDK will split the writes into separate requests and send them sequentially to avoid violating rate limits.
+The SDK will split the writes into separate requests and send them in parallel chunks (default = 1 item per chunk, each chunk is a transaction).
 
 ```
 // if you'd like to disable the transaction mode for writes (requests will be sent in parallel writes)
-options.transaction = { disable: true };
+options.transaction = {
+  disable: true,
+  maxPerChunk: 1, // defaults to 1 - each chunk is a transaction (even in non-transaction mode)
+  maxParallelRequests: 10, // max requests to issue in parallel
+};
 
 const response = await fgaClient.write({
   writes: [{ user: "user:81684243-9356-4421-8fbf-a4f8d36aa31b", relation: "viewer", object: "document:roadmap" }],
@@ -440,7 +446,7 @@ Check if a user has a particular relation with an object.
 ```javascript
 const options = {
   // if you'd like to override the authorization model id for this request
-  authorizationModelId: "1uHxCSuTP0VKPYSnkq1pbb1jeZw",
+  authorizationModelId: "01GXSA8YR785C4FYS3C0RTG7B1",
 };
 
 const result = await fgaClient.check({
@@ -462,7 +468,7 @@ If 429s or 5xxs are encountered, the underlying check will retry up to 15 times
 ```javascript
 const options = {
   // if you'd like to override the authorization model id for this request
-  authorizationModelId: "1uHxCSuTP0VKPYSnkq1pbb1jeZw",
+  authorizationModelId: "01GXSA8YR785C4FYS3C0RTG7B1",
 }
 const { responses } = await fgaClient.batchCheck([{
   user: "user:81684243-9356-4421-8fbf-a4f8d36aa31b",
@@ -527,7 +533,7 @@ Expands the relationships in userset tree format.
 const options = {};
 
 // To override the authorization model id for this request
-options.authorizationModelId = "1uHxCSuTP0VKPYSnkq1pbb1jeZw";
+options.authorizationModelId = "01GXSA8YR785C4FYS3C0RTG7B1";
 
 const { tree } = await fgaClient.expand({
   relation: "viewer",
@@ -549,7 +555,7 @@ const { tree } = await fgaClient.expand({
 const options = {};
 
 // To override the authorization model id for this request
-options.authorizationModelId = "1uHxCSuTP0VKPYSnkq1pbb1jeZw";
+options.authorizationModelId = "01GXSA8YR785C4FYS3C0RTG7B1";
 
 const response = await fgaClient.listObjects({
   user: "user:81684243-9356-4421-8fbf-a4f8d36aa31b",
@@ -565,6 +571,34 @@ const response = await fgaClient.listObjects({
 // response.objects = ["document:roadmap"]
 ```
 
+##### List Relations
+
+List the relations a user has with an object. This wraps around [BatchCheck](#batchcheck) to allow checking multiple relationships at once.
+
+Note: Any error encountered when checking any relation will be treated as `allowed: false`;
+
+> Requires a client initialized with a storeId
+
+```javascript
+const options = {};
+
+// To override the authorization model id for this request
+options.authorization_model_id = "1uHxCSuTP0VKPYSnkq1pbb1jeZw";
+
+const response = await fgaClient.listRelations({
+  user: "user:81684243-9356-4421-8fbf-a4f8d36aa31b",
+  object: "document:roadmap",
+  relations: ["can_view", "can_edit", "can_delete"],
+  contextual_tuples: [{
+    user: "user:81684243-9356-4421-8fbf-a4f8d36aa31b",
+    relation: "writer",
+    object: "document:roadmap"
+  }],
+}, options);
+
+// response.relations = ["can_view", "can_edit"]
+```
+
 #### Assertions
 
 ##### Read Assertions
@@ -579,7 +613,7 @@ Read assertions for a particular authorization model.
 const options = {};
 
 // To override the authorization model id for this request
-options.authorizationModelId = "1uHxCSuTP0VKPYSnkq1pbb1jeZw";
+options.authorizationModelId = "01GXSA8YR785C4FYS3C0RTG7B1";
 
 const response = await fgaClient.readAssertions(options);
 
@@ -605,7 +639,7 @@ Update the assertions for a particular authorization model.
 const options = {};
 
 // To override the authorization model id for this request
-options.authorizationModelId = "1uHxCSuTP0VKPYSnkq1pbb1jeZw";
+options.authorizationModelId = "01GXSA8YR785C4FYS3C0RTG7B1";
 
 const response = await fgaClient.writeAssertions([{
   user: "user:81684243-9356-4421-8fbf-a4f8d36aa31b",

api.ts

@@ -273,8 +273,8 @@ export const OpenFgaApiAxiosParamCreator = function (configuration: Configuratio
       };
     },
     /**
-         * The ListObjects API returns a list of all the objects of the given type that the user has a relation with. To achieve this, both the store tuples and the authorization model are used. An `authorization_model_id` may be specified in the body. If it is, it will be used to decide the underlying implementation used. If it is not specified, the latest authorization model ID will be used. It is strongly recommended to specify authorization model id for better performance. You may also specify `contextual_tuples` that will be treated as regular tuples. The response will contain the related objects in an array in the \"objects\" field of the response and they will be strings in the object format `<type>:<id>` (e.g. \"document:roadmap\")  
-         * @summary [EXPERIMENTAL] Get all objects of the given type that the user has a relation with
+         * The ListObjects API returns a list of all the objects of the given type that the user has a relation with. To achieve this, both the store tuples and the authorization model are used. An `authorization_model_id` may be specified in the body. If it is, it will be used to decide the underlying implementation used. If it is not specified, the latest authorization model ID will be used. It is strongly recommended to specify authorization model id for better performance. You may also specify `contextual_tuples` that will be treated as regular tuples. The response will contain the related objects in an array in the \"objects\" field of the response and they will be strings in the object format `<type>:<id>` (e.g. \"document:roadmap\"). Note: If you have `and` or `but not` in your model while using ListObjects, checkout the [caveats](https://openfga.dev/docs/interacting/relationship-queries#caveats-and-when-not-to-use-it-3). 
+         * @summary Get all objects of the given type that the user has a relation with
          * @param {ListObjectsRequest} body
          * @param {*} [options] Override http request option.
          * @throws { FgaError }
@@ -740,8 +740,8 @@ export const OpenFgaApiFp = function(configuration: Configuration, credentials:
       return createRequestFunction(localVarAxiosArgs, globalAxios, configuration, credentials);
     },
     /**
-         * The ListObjects API returns a list of all the objects of the given type that the user has a relation with. To achieve this, both the store tuples and the authorization model are used. An `authorization_model_id` may be specified in the body. If it is, it will be used to decide the underlying implementation used. If it is not specified, the latest authorization model ID will be used. It is strongly recommended to specify authorization model id for better performance. You may also specify `contextual_tuples` that will be treated as regular tuples. The response will contain the related objects in an array in the \"objects\" field of the response and they will be strings in the object format `<type>:<id>` (e.g. \"document:roadmap\")  
-         * @summary [EXPERIMENTAL] Get all objects of the given type that the user has a relation with
+         * The ListObjects API returns a list of all the objects of the given type that the user has a relation with. To achieve this, both the store tuples and the authorization model are used. An `authorization_model_id` may be specified in the body. If it is, it will be used to decide the underlying implementation used. If it is not specified, the latest authorization model ID will be used. It is strongly recommended to specify authorization model id for better performance. You may also specify `contextual_tuples` that will be treated as regular tuples. The response will contain the related objects in an array in the \"objects\" field of the response and they will be strings in the object format `<type>:<id>` (e.g. \"document:roadmap\"). Note: If you have `and` or `but not` in your model while using ListObjects, checkout the [caveats](https://openfga.dev/docs/interacting/relationship-queries#caveats-and-when-not-to-use-it-3). 
+         * @summary Get all objects of the given type that the user has a relation with
          * @param {ListObjectsRequest} body
          * @param {*} [options] Override http request option.
          * @throws { FgaError }
@@ -913,8 +913,8 @@ export const OpenFgaApiFactory = function (configuration: Configuration, credent
       return localVarFp.getStore(options).then((request) => request(axios));
     },
     /**
-         * The ListObjects API returns a list of all the objects of the given type that the user has a relation with. To achieve this, both the store tuples and the authorization model are used. An `authorization_model_id` may be specified in the body. If it is, it will be used to decide the underlying implementation used. If it is not specified, the latest authorization model ID will be used. It is strongly recommended to specify authorization model id for better performance. You may also specify `contextual_tuples` that will be treated as regular tuples. The response will contain the related objects in an array in the \"objects\" field of the response and they will be strings in the object format `<type>:<id>` (e.g. \"document:roadmap\")  
-         * @summary [EXPERIMENTAL] Get all objects of the given type that the user has a relation with
+         * The ListObjects API returns a list of all the objects of the given type that the user has a relation with. To achieve this, both the store tuples and the authorization model are used. An `authorization_model_id` may be specified in the body. If it is, it will be used to decide the underlying implementation used. If it is not specified, the latest authorization model ID will be used. It is strongly recommended to specify authorization model id for better performance. You may also specify `contextual_tuples` that will be treated as regular tuples. The response will contain the related objects in an array in the \"objects\" field of the response and they will be strings in the object format `<type>:<id>` (e.g. \"document:roadmap\"). Note: If you have `and` or `but not` in your model while using ListObjects, checkout the [caveats](https://openfga.dev/docs/interacting/relationship-queries#caveats-and-when-not-to-use-it-3). 
+         * @summary Get all objects of the given type that the user has a relation with
          * @param {ListObjectsRequest} body
          * @param {*} [options] Override http request option.
          * @throws { FgaError }
@@ -1086,8 +1086,8 @@ export class OpenFgaApi extends BaseAPI {
   }
 
   /**
-     * The ListObjects API returns a list of all the objects of the given type that the user has a relation with. To achieve this, both the store tuples and the authorization model are used. An `authorization_model_id` may be specified in the body. If it is, it will be used to decide the underlying implementation used. If it is not specified, the latest authorization model ID will be used. It is strongly recommended to specify authorization model id for better performance. You may also specify `contextual_tuples` that will be treated as regular tuples. The response will contain the related objects in an array in the \"objects\" field of the response and they will be strings in the object format `<type>:<id>` (e.g. \"document:roadmap\")  
-     * @summary [EXPERIMENTAL] Get all objects of the given type that the user has a relation with
+     * The ListObjects API returns a list of all the objects of the given type that the user has a relation with. To achieve this, both the store tuples and the authorization model are used. An `authorization_model_id` may be specified in the body. If it is, it will be used to decide the underlying implementation used. If it is not specified, the latest authorization model ID will be used. It is strongly recommended to specify authorization model id for better performance. You may also specify `contextual_tuples` that will be treated as regular tuples. The response will contain the related objects in an array in the \"objects\" field of the response and they will be strings in the object format `<type>:<id>` (e.g. \"document:roadmap\"). Note: If you have `and` or `but not` in your model while using ListObjects, checkout the [caveats](https://openfga.dev/docs/interacting/relationship-queries#caveats-and-when-not-to-use-it-3). 
+     * @summary Get all objects of the given type that the user has a relation with
      * @param {ListObjectsRequest} body
      * @param {*} [options] Override http request option.
      * @throws { FgaError }

apiModel.ts

@@ -64,7 +64,7 @@ export interface AuthorizationModel {
      * @type {string}
      * @memberof AuthorizationModel
      */
-    schema_version?: string;
+    schema_version: string;
     /**
      * 
      * @type {Array<TypeDefinition>}