From 464daeefc39bd6877948177c833a8425ff367242 Mon Sep 17 00:00:00 2001
From: mo khan
Date: Wed, 23 Jul 2025 14:43:39 -0600
Subject: chore: allow everyone to read all sparkles
---
 etc/authzd/relationships.yaml | 16 +++++++++++++++-
 etc/authzd/schema.zed | 3 ++-
 2 files changed, 17 insertions(+), 2 deletions(-)
diff --git a/etc/authzd/relationships.yaml b/etc/authzd/relationships.yaml
index b8ebe50..7f93052 100644
--- a/etc/authzd/relationships.yaml
+++ b/etc/authzd/relationships.yaml
@@ -3,10 +3,24 @@ relationships: >-
 sparkle:1#author@user:mokhax
 sparkle:1#sparklee@user:tanuki
+
+ sparkle:1#reader@user:*
+
+ sparkle:2#author@user:mona
+
+ sparkle:2#sparklee@user:tanuki
+
+ sparkle:2#reader@user:*
 assertions:
 assertTrue:
- - "sparkle:1#write@user:mokhax"
 - "sparkle:1#read@user:mokhax"
 - "sparkle:1#read@user:tanuki"
+ - "sparkle:1#write@user:mokhax"
+ - "sparkle:2#read@user:mokhax"
+ - "sparkle:2#read@user:mona"
+ - "sparkle:2#read@user:tanuki"
+ - "sparkle:2#write@user:mona"
 assertFalse:
 - "sparkle:1#write@user:tanuki"
+ - "sparkle:2#write@user:tanuki"
+ - "sparkle:2#write@user:mokha"
diff --git a/etc/authzd/schema.zed b/etc/authzd/schema.zed
index b0e8e74..9af95cc 100644
--- a/etc/authzd/schema.zed
+++ b/etc/authzd/schema.zed
@@ -3,7 +3,8 @@ definition user {}
 definition sparkle {
 relation author: user
 relation sparklee: user
+ relation reader: user:*
- permission read = sparklee + author
+ permission read = sparklee + author + reader
 permission write = author
 }
-- cgit v1.2.3
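Review bot: The last added assertFalse entry, `sparkle:2#write@user:mokha`, names a subject that appears nowhere else in the file (every other line uses `mokhax`), so if it is a typo the assertion passes vacuously and never checks that the author of sparkle:1 is denied write on sparkle:2. I would change it to `- "sparkle:2#write@user:mokhax"`. With the `reader@user:*` tuples added in this hunk, that corrected line would be the one assertion showing that a user whose only access to sparkle:2 comes from the wildcard gets read but not write. If an unknown user was intended, keep `mokha` as a separate entry alongside it.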
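Review bot: The schema makes read public per sparkle rather than globally: `permission read = sparklee + author + reader` grants it only where a `sparkle:N#reader@user:*` tuple exists, so "all sparkles" holds only if whatever creates a sparkle also writes that tuple every time, which this diff does not show. Because `reader` is typed `user:*` alone it can never hold a named user, and any caller allowed to write `reader` tuples can make a sparkle readable by every user. I would document this at the relation, e.g. `// reader: wildcard only; grants read to every user subject and must never be added to write`, and keep `permission write = author` free of it. Whether unauthenticated callers are mapped to a `user` subject is decided outside this schema and should be confirmed.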