-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Permisions claim check field with multiple values? #284
Comments
I am not sure if I fully understand what you are trying to achieve but I don't think there is a good way to handle this situation at the moment. |
Thank you for the response. That makes sense to have to write a permissions profile for each Root Entity. In the example above I was also curious having restriction with a field value that is a list of items. For example If I wanted to store a separate field on the entity that had all the gallery IDs. Then have my restriction compare the values of field list to the claim list. For example:
In this example i would expect the user to get response of two portfolios since he has claim of I created a draft PR here ( For my current project I need to check value of claim/and or role to a field that is list of values. |
Hello,
I am currently trying to setup a
permissions-profile
and was hoping to get some feedback on how to handle permissions for referenced entities and/or suggestions on model design.For example I have something similar to the following:
A user with
read
permissions would be able to access thename
field but would get“Not authorized to read Portfolio objects (in Gallery.portfolios)“
when trying to access porfolios of the gallery . The only way I can think to get around this is to add aCtx
extension to each entity and update the permissions-profile to reference the new context field / or create seperate permission for each entity with the correct feld, claim combination.Adding
Ctx
entity solved the authentication issue but aPortfolio
in the example can be referenced by many Gallery entities. A a user with access to one gallery and not the another would get access denied when trying to access portfolio in current setup unlessctx.gallery
was an array.I know it is not possible to to have an array as a field value. Is there something I can do that would resolve the scenario mentioned above. Something like
any([claim in field for claim in claims]) if isinstance(field, list) else field in claims
Do I need
Ctx
or is there a better way to handle this use case ?I am still learning my way around so any help would be appreciated.
Regards,
John
The text was updated successfully, but these errors were encountered: