Right now, in nexus/src/authz/api_resources.rs, we have "typed" and "generic" resources. "typed" resources are resources to which we will allow users to assign roles -- the Fleet, Silos (eventually), Organizations and Projects. Everything else is a generic FleetChild or ProjectChild with a type alias, like type Instance = ProjectChild. The reason is just that there's a bunch of boilerplate for each resource, and given the current policy, nothing actually cares what type anything is, so it was easier to do it this way.
I only recently appreciated that this means you can pass an authz::Project where an authz::Instance is expected, which seems pretty dangerous. That alone convinced me that we're better off with well-typed versions of these things.
It may help simplify the problem if we eliminate the constructors at each level for constructing child resources (e.g., Organization::project(project_id) -> Project). That was a convenient pattern when I expected you'd be building these by hand. But these are generally going to be built by the lookup_resource macro. If we make this Project::from(Organization) instead, we can update the macro to use that, and it may make it quite a lot easier for us to generate the full set of authz types (since you don't have to generate any type-specific methods).
Right now, in nexus/src/authz/api_resources.rs, we have "typed" and "generic" resources. "typed" resources are resources to which we will allow users to assign roles -- the Fleet, Silos (eventually), Organizations and Projects. Everything else is a generic
FleetChildorProjectChildwith a type alias, liketype Instance = ProjectChild. The reason is just that there's a bunch of boilerplate for each resource, and given the current policy, nothing actually cares what type anything is, so it was easier to do it this way.I only recently appreciated that this means you can pass an
authz::Projectwhere anauthz::Instanceis expected, which seems pretty dangerous. That alone convinced me that we're better off with well-typed versions of these things.It may help simplify the problem if we eliminate the constructors at each level for constructing child resources (e.g.,
Organization::project(project_id) -> Project). That was a convenient pattern when I expected you'd be building these by hand. But these are generally going to be built by thelookup_resourcemacro. If we make thisProject::from(Organization)instead, we can update the macro to use that, and it may make it quite a lot easier for us to generate the full set ofauthztypes (since you don't have to generate any type-specific methods).