Skip to main content

What are Data Bundles

Ensuring that authorization data remains in sync with the business model is an important practice when using Permify. Prior to Data Bundles, it was the responsibility of the services (such as WriteData API) to structure how relations are created and deleted when actions occur on resources. With the Data Bundles, you can model the creation and deletion of relations and attributes when specific actions occur on resources in your applications. This functionality streamlines managing authorization data, allows you to manage it in a central place, and increases visibility around certain actions/triggers that create data.

How Bundles Work

Let’s examine how Bundles operate. Let’s say you want to model how data will be created when an organization is created in your application. For this purpose, you can utilize the WriteBundle API endpoint. This API enables users to define or update data bundles, each distinguished by a unique name. Here’s an example body for WriteBundle in this scenario: 
{ 
    "bundles": [
        {
            "name": "organization_created",
            "arguments": [
                "creatorID",
                "organizationID"
            ],
            "operations": [
                {
                    "relationships_write": [
                        "organization:{{.organizationID}}#admin@user:{{.creatorID}}",
                        "organization:{{.organizationID}}#manager@user:{{.creatorID}}"
                    ],
                    "attributes_write": [
                        "organization:{{.organizationID}}$public|boolean:false"
                    ]
                }
            ]
        }
    ]
}
Operations represent actions that can be performed on relationships and attributes, such as adding or deleting relationships when certain events occur. Let’s say user:564 creates an organization:789 in your application. According to your authorization logic, this will result in the creation of several pieces of authorization data, including relational tuples and attributes:
  • organization:789#admin@user:564
  • organization:789#manager@user:564
  • organization:789$public|boolean:false
Instead of using the WriteData endpoint, you can utilize RunBundle to create this data by simply providing specific identifiers. An example request of RunBundle for this scenario: 
{
   "name": "organization_created",
   "arguments": {
       "creatorID": "564",
       "organizationID": "789"
    }
}
This will result in the creation of the following data in Permify:
  • organization:789#admin@user:564
  • organization:789#manager@user:564
  • organization:789$public|boolean:false

Endpoints