Schemas

In Permguard, multiple ledgers can be created, and each ledger might have a single schema per partition. This provides a structured way to model the authorization framework.

Schema

A schema is a logical structure used to organize resources and actions. It also includes metadata annotations to enhance policy management.

Namespace

A schema can be further divided into namespaces, adding more granularity to resource management. Namespaces provide another layer of logical organization, especially useful for schemas designed with Domain-Driven Design (DDD) principles.

By structuring schemas into namespaces, developers can simplify development and maintain architectural consistency.

{
  "name": "magicfarmacia",
  "description": "Manage a pharmacy with multiple branches",
  "resources": []
}

Each namespace can define multiple resources and the corresponding actions that can be performed on them.

It is not mandatory to create a Resource for every entity within a zone, and the same applies to Actions. However, it is recommended to define a Resource and an Action for any entity that requires explicit authorization modeling.

Typically, fewer Resources and Actions are defined compared to the total number of entities in a zone. This prevents authorization layers from becoming too tightly coupled with the application logic.

Resource

A Resource is a key entity in Permguard. It represents a logical element within the zone that requires authorization policies.

When defining Resources, consider:

  • Performance: Ensure policies are structured efficiently to minimize evaluation time.
  • Scalability: Optimize policy execution within the zone for better performance.

In summary, Resources in Permguard help structure authorization policies, ensuring flexibility and optimized performance within a zone ecosystem.

{
  "name": "inventory",
  "description": "Pharmacy inventory",
  "actions": []
}

Action

An Action is a specific operation that can be performed on a Resource. Actions define what operations are allowed, such as:

  • read
  • write
  • delete
  • list

These actions help enforce precise authorization rules, ensuring that only permitted operations can be executed on a resource.

{
  "name": "access",
  "description": "Access inventory"
}
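To show how the three fragments above fit together, here is an added example (not Permguard's own code) that assembles them into one schema document, validates the namespace -> resource -> action hierarchy (names present and unique among siblings), and answers whether a given (namespace, resource, action) triple is explicitly modeled. The top-level "namespaces" wrapper and the extra read/write actions are assumptions made for this example.

```python
import json
# Constructed example: the page's three fragments assembled into one schema.
# The top-level "namespaces" wrapper is an assumption; the page does not show it.
SCHEMA_JSON = """
{"namespaces": [{
  "name": "magicfarmacia",
  "description": "Manage a pharmacy with multiple branches",
  "resources": [{
    "name": "inventory",
    "description": "Pharmacy inventory",
    "actions": [
      {"name": "access", "description": "Access inventory"},
      {"name": "read", "description": "Read inventory items"},
      {"name": "write", "description": "Update inventory items"}
    ]
  }]
}]}
"""

def validate_schema(schema):
    # Walk schema -> namespaces -> resources -> actions; sibling names must be
    # present and unique so that a policy can refer to them unambiguously.
    problems = []
    def check(items, kind, where):
        seen = set()
        for item in items:
            name = item.get("name", "")
            if not name:
                problems.append(f"{kind} without a name in {where}")
            elif name in seen:
                problems.append(f"duplicate {kind} '{name}' in {where}")
            seen.add(name)
    check(schema.get("namespaces", []), "namespace", "schema")
    for ns in schema.get("namespaces", []):
        check(ns.get("resources", []), "resource", f"namespace '{ns.get('name')}'")
        for res in ns.get("resources", []):
            check(res.get("actions", []), "action", f"resource '{res.get('name')}'")
    return problems

def modeled_actions(schema):
    # Flatten the hierarchy into the set of (namespace, resource, action) triples.
    return {(ns.get("name"), res.get("name"), act.get("name"))
            for ns in schema.get("namespaces", [])
            for res in ns.get("resources", [])
            for act in res.get("actions", [])}

def is_modeled(schema, namespace, resource, action):
    # True only when the schema explicitly defines this action on this resource.
    return (namespace, resource, action) in modeled_actions(schema)
SCHEMA = json.loads(SCHEMA_JSON)
```

An action that is not defined in the schema (for example "delete" on "inventory") is reported as not modeled, which is the signal to add a Resource or Action before writing a policy for it.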