Skip to main content

Warrant Changelog - January 2023

· 3 min read
Aditya Kajla

It's a new year and we have lots of updates to share:

Revamped object types, now with type restrictions

We've revamped object types, making them more succinct and easier to work with. Additionally, object types now support type restrictions. For example, teams could previously specify in an object type that a user is an owner of report:A if that user is a member of another object that is an owner of report:A. However, it wasn't possible to specify that the user must be a member of a particular type of object (i.e. a tenant) in order to this inheritance to occur. This is now possible via the revamped object type schema. Check out an example below or read more in our docs.

{
"type": "report",
"relations": {
"owner": {
"inheritIf": "member",
"ofType": "tenant",
"withRelation": "owner"
},
"editor": {
"inheritIf": "anyOf",
"rules": [
{
"inheritIf": "owner"
},
{
"inheritIf": "member",
"ofType": "tenant",
"withRelation": "editor"
}
]
},
"viewer": {
"inheritIf": "anyOf",
"rules": [
{
"inheritIf": "editor"
},
{
"inheritIf": "member",
"ofType": "tenant",
"withRelation": "viewer"
}
]
}
}
}

Serverless authorization & access control with Cloudflare workers

Did you know that you can use Cloudflare workers to generate Warrant client-side sessions to enable true serverless-authz? Here is an example of a simple Cloudflare worker that generates and returns user-scoped, client-side Warrant session tokens that can be used with Warrant UI components to conduct authz checks directly in front-end applications, all without a back-end!

CF Workers + Warrant

Major updates to Python & Node SDKs

Following last month's major updates to the Java and Ruby SDKs, we're excited to share that the Python and Node SDKs have received their overhauls this month. This includes added support for:

  • All RBAC operations including role, permission, user assignment, removal and authz checks
  • Pricing tiers (CRUD operations and authz checks)
  • Features (CRUD operations and authz checks)
  • First-class types for Warrant objects and subjects to make creating, deleting and checking warrants easier and safer

Python and Node

New React components for permissions & features

Similar to the <ProtectedComponent />, the React SDK now ships with built-in, <FeatureProtectedComponent /> and <PermissionProtectedComponent /> components (as well as hooks) to enable easier integration of Pricing Tiers and Permissions/RBAC in front-end apps.

Feature Protected Component

Cursor-based pagination on list endpoints

All list API endpoints (ex. Warrants, Tenants, Users, Permissions and Roles) now support cursor-based pagination via limit, afterId and beforeId query parameters as well as custom sorting (including paginated sorting) via sortBy, sortOrder, afterValue and beforeValue query parameters.

For example, an API request to fetch a list of the 25 users that:

  • come after the user with specified id=8fa971de-29e4-4b02-9f34-0ea581739a13 and email=test@test.com
  • sorts the list by user email in ascending order

can be specified as follows:

GET /users?limit=25&afterId=8fa971de-29e4-4b02-9f34-0ea581739a13&afterValue=test@test.com&sortBy=email&sortOrder=ASC

You can read more about cursor-based pagination here.