.png)
We’re excited to announce a new major version of our Go client. We’ve been hard at work on this new vision for the Oso SDK, centered around these features:
- A simplified Fact Management API
- A powerful Query Builder API
Simplified Fact Management API
The Centralized Authorization Data API has been condensed from 6 methods to 4: Insert, Delete, Get, and Batch.
The new Insert API replaces Tell. With Insert , you can add facts to Oso Cloud:
osoClient.Insert(oso.NewFact(
"has_role",
oso.NewValue("User", "bob"),
oso.String("owner"),
oso.NewValue("Organization", "acme")
))
With Delete, you can delete a fact or all facts matching the pattern. Deleting a single fact would look like below:
e := osoClient.Delete(oso.NewFact(
"has_role",
oso.NewValue("User", "bob"),
oso.String("maintainer"),
oso.NewValue("Repository", "anvil"),
))
With Get, you can check the existence of a particular fact or fetch all facts that have a particular argument.
// List all role-related facts on the `anvils` repo
osoClient.Get(oso.NewFactPattern(
"has_role",
nil,
nil,
oso.NewValue("Repository", "anvils"),
))
The new Batch API replaces the Bulk, BulkDelete, and BulkTell APIs.
Additionally, the new Batch function supports deleting all facts matching a pattern:
osoClient.Batch(func (tx oso.BatchTransaction) {
tx.Delete(oso.NewFactPattern(
"has_role",
oso.NewValue("User", "1"),
nil,
oso.NewValueOfType("Repository"),
)) // Remove all of User 1's roles across all Repositories
})
Powerful Query Builder API
We've replaced the Query API with a more powerful and flexible QueryBuilder API which lets you simplify your application code. We've also dropped the AuthorizeResources APIs in favor of the QueryBuilder.
For example, you can use osoClient.BuildQuery(queryFact) to query for any rule. This allows you to query Oso Cloud for any predicate and any combination of concrete and wildcard arguments. Unlike osoClient.Get, which only lists facts you've added, you can use osoClient.BuildQuery to list derived information about any rule in your policy:
actor := oso.NewValue("User", "bob")
repository := oso.TypedVar("Repository")
// Query for all the repos `User:bob` can `read`
repos, err := osoClient.
BuildQuery(oso.NewQueryFact("allow", actor, oso.String("read"), repository)).
EvaluateValues(repository)
// => [ "acme", "anvils" ]
See here for how it can support any use case your application demands.
Get started with the v2 Go client
You can install the v2 Go client by running: go get github.com/osohq/go-oso-cloud/v2. The full docs are here. If you’re upgrading from v1, check out the Migration Guide.
These changes will be coming to the other language SDKs soon. Let us know if you’re interested in trying RC versions!
