API Models Assertion - evansims/openfga-php GitHub Wiki
Tests whether your authorization model behaves correctly for specific scenarios. Assertions are test cases that verify your authorization rules work as expected. Each assertion checks if a specific authorization question (like "can user:anne read document:budget") returns the expected result (true for granted, false for denied). Use assertions to validate your authorization model during development and catch permission logic errors before they reach production. They're especially valuable when making changes to complex authorization rules.
Table of Contents
OpenFGA\Models
AssertionInterfaceJsonSerializableModelInterface
- AssertionInterface (interface)
| Name | Value | Description |
|---|---|---|
OPENAPI_MODEL |
Assertion |
public function getContext(): ?arrayGet the context data for evaluating ABAC conditions. Context provides additional information that can be used when evaluating attribute-based access control (ABAC) conditions. This might include user attributes, resource properties, or environmental factors like time of day.
array | null
public function getContextualTuples(): ?OpenFGA\Models\Collections\TupleKeysInterfaceGet the contextual tuples for this assertion. Contextual tuples provide additional relationship data that should be considered when evaluating the assertion. These are temporary relationships that exist only for the duration of the authorization check, useful for testing "what-if" scenarios.
TupleKeysInterface | null
public function getExpectation(): boolGet the expected result for this assertion. The expectation defines whether the authorization check should return true (access granted) or false (access denied). This is what the assertion will be tested against.
bool — True if access should be granted, false if access should be denied
public function getTupleKey(): OpenFGA\Models\AssertionTupleKeyInterfaceGet the tuple key that defines what to test. The tuple key specifies the exact authorization question to ask: "Does user X have relation Y on object Z?" This is the core of what the assertion is testing.
AssertionTupleKeyInterface — The tuple key defining the authorization question
public function jsonSerialize(): arrayarray
Implements Models\AssertionInterface
public function schema(): SchemaInterfaceGet the schema definition for this model. This method returns the schema that defines the structure, validation rules, and serialization behavior for this model class. The schema is used for data validation, transformation, and ensuring consistency across API operations with the OpenFGA service. Each model's schema defines: - Required and optional properties - Data types and format constraints - Nested object relationships - Validation rules and business logic constraints The schema system enables the SDK to automatically validate incoming data, transform between different representations, and ensure compliance with the OpenFGA API specification.
SchemaInterface — The schema definition containing validation rules and property specifications for this model