From 3302c432fccdd1dca4069a8c56951169e9c5010b Mon Sep 17 00:00:00 2001
From: Evan Cordell
Date: Wed, 18 Dec 2024 09:13:58 -0500
Subject: [PATCH 1/3] Update materialize doc with simpler SQL
---
 .../authzed/concepts/authzed-materialize.mdx | 56 +++++++++----------
 1 file changed, 25 insertions(+), 31 deletions(-)
diff --git a/pages/authzed/concepts/authzed-materialize.mdx b/pages/authzed/concepts/authzed-materialize.mdx
index 4663c57..caa9539 100644
--- a/pages/authzed/concepts/authzed-materialize.mdx
+++ b/pages/authzed/concepts/authzed-materialize.mdx
@@ -95,7 +95,7 @@ resource#edit@user
 ### Relational Database
-You can find [here](https://dbfiddle.uk/OP5GwjoG) a runnable version of these examples
+You can find a runnable version of these examples [here](https://dbfiddle.uk/dX10Cu3Z).
 These are tables you likely already have in your database
@@ -162,22 +162,19 @@ Find all documents `evan` can `view:`
 ```sql
 SELECT d.id FROM documents d
- INNER JOIN set_to_set s2s ON d.id = s2s.parent_id
- INNER JOIN member_to_set m2s ON m2s.set_id = s2s.child_id AND m2s.set_type = s2s.child_type AND m2s.set_relation = s2s.child_relation
+ LEFT JOIN set_to_set s2s ON d.id = s2s.parent_id
+ INNER JOIN member_to_set m2s ON (m2s.set_id = s2s.child_id AND m2s.set_type = s2s.child_type AND m2s.set_relation = s2s.child_relation) OR (d.id = m2s.set_id )
 INNER JOIN users u ON u.id = m2s.member_id
- WHERE u.name = 'evan'
- AND m2s.member_type = 'user'
- AND m2s.member_relation = ''
- AND s2s.parent_type = 'document'
- AND s2s.parent_relation='view'
-UNION
-SELECT d.id FROM documents d
- INNER JOIN member_to_set m2s ON d.id = m2s.set_id
- INNER JOIN users u ON u.id = m2s.member_id
- WHERE u.name = 'evan'
- AND m2s.member_type = 'user'
- AND m2s.member_relation = ''
- AND m2s.set_type = 'document' AND m2s.set_relation = 'view';
+ WHERE
+ u.name = 'evan' AND
+ m2s.member_type = 'user' AND
+ m2s.member_relation = '...' AND ((
+ s2s.parent_type = 'document' AND
+ s2s.parent_relation='view'
+ ) OR (
+ m2s.set_type = 'document' AND
+ m2s.set_relation = 'view'
+ ));
 ```
 | id |
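Review bot: The two `OR` arms in the `member_to_set` join are not tied to the two `OR` arms in the `WHERE`, so a row that joined through `d.id = m2s.set_id` (an id-only match, with no type or relation check) can pass the filter through `s2s.parent_type = 'document' AND s2s.parent_relation='view'` on any `set_to_set` row of that document. If `member_to_set` also holds sets other than `document#view` (another relation on the same document, or another object type whose id equals a document id; not visible from this hunk), the query would list documents the user cannot view, which the removed `UNION` version avoided because each branch carried its own type and relation checks. The `LEFT JOIN` also repeats the direct-membership match once per `set_to_set` row, and nothing deduplicates now that `UNION` is gone. I would move the type and relation predicates into the join arms, drop the trailing `AND ((…) OR (…))` group from the `WHERE`, and select `DISTINCT`, as sketched below; the `victor` query in the next hunk has the same shape.

```sql
SELECT DISTINCT d.id FROM documents d
  LEFT JOIN set_to_set s2s
    ON d.id = s2s.parent_id
   AND s2s.parent_type = 'document'
   AND s2s.parent_relation = 'view'
  INNER JOIN member_to_set m2s
    ON (m2s.set_id = s2s.child_id AND m2s.set_type = s2s.child_type AND m2s.set_relation = s2s.child_relation)
    OR (m2s.set_id = d.id AND m2s.set_type = 'document' AND m2s.set_relation = 'view')
  -- … unchanged: users join and the u.name / member_type / member_relation filters …
```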
@@ -189,22 +186,19 @@ The same query, by changing only the username, will find all documents `victor`
 ```sql
 SELECT d.id FROM documents d
- INNER JOIN set_to_set s2s ON d.id = s2s.parent_id
- INNER JOIN member_to_set m2s ON m2s.set_id = s2s.child_id AND m2s.set_type = s2s.child_type AND m2s.set_relation = s2s.child_relation
- INNER JOIN users u ON u.id = m2s.member_id
- WHERE u.name = 'victor'
- AND m2s.member_type = 'user'
- AND m2s.member_relation = ''
- AND s2s.parent_type = 'document'
- AND s2s.parent_relation='view'
-UNION
-SELECT d.id FROM documents d
- INNER JOIN member_to_set m2s ON d.id = m2s.set_id
+ LEFT JOIN set_to_set s2s ON d.id = s2s.parent_id
+ INNER JOIN member_to_set m2s ON (m2s.set_id = s2s.child_id AND m2s.set_type = s2s.child_type AND m2s.set_relation = s2s.child_relation) OR (d.id = m2s.set_id )
 INNER JOIN users u ON u.id = m2s.member_id
- WHERE u.name = 'victor'
- AND m2s.member_type = 'user'
- AND m2s.member_relation = ''
- AND m2s.set_type = 'document' AND m2s.set_relation = 'view';
+ WHERE
+ u.name = 'victor' AND
+ m2s.member_type = 'user' AND
+ m2s.member_relation = '...' AND ((
+ s2s.parent_type = 'document' AND
+ s2s.parent_relation='view'
+ ) OR (
+ m2s.set_type = 'document' AND
+ m2s.set_relation = 'view'
+ ));
 ```
 | id |
From fd754481b8c07969cc75afee5c28245c577e7448 Mon Sep 17 00:00:00 2001
From: Evan Cordell
Date: Wed, 18 Dec 2024 09:20:09 -0500
Subject: [PATCH 2/3] remove outdated reference to sql `union` (now `left join`)
---
 pages/authzed/concepts/authzed-materialize.mdx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pages/authzed/concepts/authzed-materialize.mdx b/pages/authzed/concepts/authzed-materialize.mdx
index caa9539..8dc5148 100644
--- a/pages/authzed/concepts/authzed-materialize.mdx
+++ b/pages/authzed/concepts/authzed-materialize.mdx
@@ -237,7 +237,7 @@ INSERT INTO set_to_document_view (child_set, document_id)
 ('group:shared#member', '456');
 ```
-Note that an extra entry (`document:123#view`, `123`) was added to simplify the join side (avoiding the union in the previous example).
+Note that an extra entry (`document:123#view`, `123`) was added to simplify the join side (avoiding the `left join` in the previous example).
 The queries are a bit simpler, though they can't be used to answer any permission check other than `document#view@user`.
 Find all documents `evan` can `view`:
From 74865e60450aca46c3e14e5b21f777fa3c95cb2f Mon Sep 17 00:00:00 2001
From: Evan Cordell
Date: Wed, 18 Dec 2024 22:13:05 -0500
Subject: [PATCH 3/3] Materialize APIs emit '' not '...'
---
 pages/authzed/concepts/authzed-materialize.mdx | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pages/authzed/concepts/authzed-materialize.mdx b/pages/authzed/concepts/authzed-materialize.mdx
index 8dc5148..3c00dd5 100644
--- a/pages/authzed/concepts/authzed-materialize.mdx
+++ b/pages/authzed/concepts/authzed-materialize.mdx
@@ -168,7 +168,7 @@ SELECT d.id FROM documents d
 WHERE
 u.name = 'evan' AND
 m2s.member_type = 'user' AND
- m2s.member_relation = '...' AND ((
+ m2s.member_relation = '' AND ((
 s2s.parent_type = 'document' AND
 s2s.parent_relation='view'
 ) OR (
@@ -192,7 +192,7 @@ SELECT d.id FROM documents d
 WHERE
 u.name = 'victor' AND
 m2s.member_type = 'user' AND
- m2s.member_relation = '...' AND ((
+ m2s.member_relation = '' AND ((
 s2s.parent_type = 'document' AND
 s2s.parent_relation='view'
 ) OR (