/fga-rs

authorization/permission service, inspired by Google Zanzibar

Primary LanguageRustMIT LicenseMIT

fga-rs

wip(breaking changes at any time)

what is fga-rs

fga-rs is a Fine Grained Authorization written in rust, such as openfga, permify, spicedb and so on.

fga-rs is a permission server for real time, enterprise application permissions inspired by Google Zanzibar.

why fga-rs

  1. written in rust
  2. support superadmin
  3. support fast condition eval(wip)

Getting Started

required

  1. rust
  2. postgres

init db

cargo run -p cli -- migration up -u postgres://postgres@127.0.0.1:5432/fga-rs

start

cargo run -p cli -- server -u postgres://postgres@127.0.0.1:5432/fga-rs

TODO

  • schema: design(such as model.authz), parser(use lalrpop)
  • schema: support permission: union(+ |), intersection(&), exclude(-), priority
  • support condition(expr eval)
  • remote checker
  • grpc
  • refactor check request
  • expand tuple
  • opentelemetry
  • config file use toml
  • migration database
  • test
  • playground
  • vscode-extension
  • lsp
  • sdk (priority: rust, java, go, js, python, ruby...)

Credit

  1. openfga
  2. permify
  3. spicedb