deduplicate edges when conditions exist and add conditions to the edges #422

yissellokta · 2025-02-20T16:07:24Z

Inconsistent behavior in the parser was deduplicating the edges if directly related to the terminal type but not in the case of a userset, causing the algorithms in the type system to not identify models that should have fast path

Description

The parser was deduplicating cases like the one below, where it only constructs one edge from group#member to user:
type group
define member: [user, user with condX]
In the case of a userset with conditions it was not behaving in the same way, and it was creating two edges from group#member to folder#viewer
type group
define member: [folder#viewer, folder#viewer with condX]
type folder
define viewer: [user]

This PR covers the following changes:
1- Add the deduplication for the userset case
2- rename conditionOn on the edge to have a name that represents its value, tupleUserset, in a ttu (X from Y), it is the Y
3- add conditions to the edge, to add more info required to substitute in the future the type system and use the graph
4- Add tests that cover all these changes

References

Review Checklist

I have clicked on "allow edits by maintainers".
I have added documentation for new/changed functionality in this PR or in a PR to openfga.dev [Provide a link to any relevant PRs in the references section above]
The correct base branch is being used, if not main
I have added tests to validate that the change in functionality is working as expected

pkg/go/graph/graph_edge.go

pkg/go/graph/graph_builder.go

pkg/go/graph/graph_edge.go

pkg/go/graph/graph_builder.go

pkg/go/graph/weighted_graph.go

pkg/go/graph/weighted_graph_edge.go

Co-authored-by: Yamil Asusta <[email protected]>

adriantam · 2025-02-21T16:05:15Z

pkg/go/graph/graph.go

@@ -83,7 +83,8 @@ func (g *AuthorizationModelGraph) Reversed() (*AuthorizationModelGraph, error) {
 			if !ok {
 				return nil, fmt.Errorf("%w: could not cast to AuthorizationModelEdge", ErrBuildingGraph)
 			}
-			graphBuilder.AddEdge(nextLine.To(), nextLine.From(), casted.edgeType, casted.conditionedOn)
+			newEdge := graphBuilder.AddEdge(nextLine.To(), nextLine.From(), casted.edgeType, casted.tuplesetRelation, "")
+			newEdge.conditions = casted.conditions


why not graphBuilder.AddEdge(nextLine.To(), nextLine.From(), casted.edgeType, casted.tuplesetRelation, casted.conditions) ?

adriantam · 2025-02-21T16:11:44Z

pkg/go/graph/graph_builder.go

+		if graphBuilder.hasEdge(nodeSource, parentNode, TTUEdge, typeTuplesetRelation) {
+			// de-dup types that are conditioned, e.g. if define viewer: [user, user with condX]
+			// we only draw one edge from user to x#viewer
+			continue


Do we need to call upsert? Otherwise, will be lose the condition?

adriantam · 2025-02-21T16:15:36Z

pkg/go/graph/weighted_graph_builder_test.go

+        type permission
+            relations
+                define assignee: [role#assignee, role#assignee with condX]
+				define member: [user, permission#member, permission#member with condX]


will be easier to read if they line up :)

adriantam · 2025-02-21T16:18:59Z

pkg/go/graph/weighted_graph_builder_test.go

+	require.Len(t, edges, 1)
+	conditions := edges[0].conditions
+	require.Empty(t, edges[0].tuplesetRelation)
+	require.Len(t, conditions, 2)


should we assert on the conditions itself? (i.e., check the individual array item)

* feedback from github.com//pull/422 * Update pkg/go/graph/graph_builder.go Co-authored-by: Adrian Tam <[email protected]> --------- Co-authored-by: Adrian Tam <[email protected]>

deduplicate edges when conditions exist and add conditions to the edges

1cf8952

yissellokta requested a review from a team as a code owner February 20, 2025 16:07