VS Code extension that provides syntax highlighting for the OpenFGA language for authorization models.

OpenFGA is an open source Fine-Grained Authorization solution inspired by Google's Zanzibar paper. It was created by the FGA team at Auth0 based on Auth0 Fine-Grained Authorization (FGA), available under a permissive license (Apache-2) and welcomes community contributions.

OpenFGA is designed to make it easy for application builders to model their permission layer, and to add and integrate fine-grained authorization into their applications. OpenFGA’s design is optimized for reliability and low latency at a high scale.

• OpenFGA Documentation
• OpenFGA API Documentation
• OpenFGA on Twitter
• OpenFGA Community
• Zanzibar Academy
• Google's Zanzibar Paper (2019)

You can install the OpenFGA VS Code plugin from:

• OpenFGA on the VS Code marketplace

• OpenFGA on the OpenVSX Registry

• The VSIX releases on GitHub for manual installation

  

The extension currently offers 4 core features, with more to come.

• Syntax Highlighting for OpenFGA files
• A unique theme for OpenFGA for VS Code
  • Once installed, go to your extensions
  • Click on OpenFGA and click Set Color Scheme
  • Click on OpenFGA Dark in the prompt

• A command to transform .fga OpenFGA files to JSON
  • Open a .fga OpenFGA file in the editor
  • Open the Command Pallette using Ctrl+Shift+P (Windows) or Command+Shift+P (OSX)
  • Select OpenFGA: Transform DSL to JSON
  • A new tab will open with the transformed code

• Validation of OpenFGA's .fga files
  • As you type in a .fga OpenFGA file in the editor, the extension will highlight errors that make your models invalid

The extension works great when combined with the FGA CLI to iterate on your model and test it.

In order to do that: 1- Create a working directory to house the files for your store 2- Inside this directory, create a model.fga file with your model 3- Alongside the model.fga, create a store.yaml file with the following syntax

--- name: Store Name # store name, optional model_file: ./model.fga # a global model that would apply to all tests tuples: # global tuples that would apply to all tests, optional - user: folder:1 relation: parent object: folder:2 - user: user:anne relation: editor object: folder:1 tests: # required - name: test-1 description: testing that the model works # optional tuples: # tuples that only apply within the scope of this test - user: user:beth relation: viewer object: folder:2 check: # a set of checks to run - user: user:anne object: folder:1 assertions: # a set of expected results for each relation can_view: true can_write: true can_share: false - user: user:beth object: folder:2 assertions: # a set of expected results for each relation can_view: true can_write: false can_share: false list_objects: # a set of list objects to run - user: user:anne type: folder assertions: # a set of expected results for each relation can_view: - folder:1 - folder:2 can_write: - folder:1 - folder:2 can_share: [] - user: user:beth type: folder assertions: # a set of expected results for each relation can_view: - folder:2 can_write: [] can_share: []

When ready to test, from the terminal, and while inside your working directory, run:

fga model test --tests=./store.yaml

A rough roadmap for development priorities.

See the DEVELOPMENT and CONTRIBUTING.

OpenFGA

• CEL Textmate Grammar was taken from vscode-cel
• Range conversion from yaml to vscode from actions/languageservices

This project is licensed under the Apache-2.0 license. See the LICENSE file for more info.