POST
/
v1
/
tenants
/
{tenant_id}
/
permissions
/
expand
go
cr, err := client.Permission.Expand(context.Background(), &v1.PermissionExpandRequest{
    TenantId: "t1",
    Metadata: &v1.PermissionExpandRequestMetadata{
        SnapToken: "",
        SchemaVersion: "",
    },
    Entity: &v1.Entity{
        Type: "repository",
        Id: "1",
    },
    Permission: "push",
})
{
  "tree": {}
}
Retrieve all subjects (users and user sets) that have a relationship or attribute with given entity and permission Expand API response is represented by a user set tree, whose leaf nodes are user IDs or user sets pointing to other ⟨object#relation⟩ pairs.
Expand is designed for reasoning the complete set of users that have access to their objects, which allows our users to build efficient search indices for access-controlled content.It is not designed to use as a check access. Expand request has a high latency which can cause a performance issues when its used as access check.

Path Parameters

tenant_id
string
required

Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant <code>t1</code> for this field. Required, and must match the pattern \“[a-zA-Z0-9-,]+\“, max 64 bytes.

Body

application/json

PermissionExpandRequest is the request message for the Expand method in the Permission service.

Response

200
application/json

A successful response.

PermissionExpandResponse is the response message for the Expand method in the Permission service.