You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It would be great if one user could have multiple roles for each scope...
For example:
Let's imagine that we have a forum app which has multiple main topics like: IT, LIFESTYLE, WHATEVER...
Now, let's say that we want to give role of "Administrator" to user id 42, but ONLY for IT topic, while on, for example, LIFESTYLE topic he has "Moderator" role.
Currently this is possible by adding a lot of roles, like "IT_administrator", "IT_moderator", "LIFESTYLE_admin"... and so on.
My suggestion would be to add some kind of "scope" to user_role table. So we would have opportunity to add pivot value like:
Let's reuse upper example to demonstrate my suggestion and say that role_id of 1 = 'Administrator' and role_id of 2 is 'Moderator'. This is how the table would look like:
role_id
user_id
scope
1
42
IT
2
42
LIFESTYLE
So, now we are reusing existing roles and our user has different role depending of scope. He can now do everything in IT topic but not in LIFESTYLE topic.
Ofcourse... this would only work if is model method changes also....
It should need to do Acl.check only scoped roles, so maybe something like this:
Model.prototype.is = async function (expression, scope) {
const roles = await this.getRoles(scope) // this one should get's scope roles only, if scope is passed
return Acl.check(expression, operand => _.includes(roles, operand))
}
What do you think?
The text was updated successfully, but these errors were encountered:
It would be great if one user could have multiple roles for each scope...
For example:
Let's imagine that we have a forum app which has multiple main topics like: IT, LIFESTYLE, WHATEVER...
Now, let's say that we want to give role of "Administrator" to user id 42, but ONLY for IT topic, while on, for example, LIFESTYLE topic he has "Moderator" role.
Currently this is possible by adding a lot of roles, like "IT_administrator", "IT_moderator", "LIFESTYLE_admin"... and so on.
My suggestion would be to add some kind of "scope" to user_role table. So we would have opportunity to add pivot value like:
Let's reuse upper example to demonstrate my suggestion and say that role_id of 1 = 'Administrator' and role_id of 2 is 'Moderator'. This is how the table would look like:
So, now we are reusing existing roles and our user has different role depending of scope. He can now do everything in IT topic but not in LIFESTYLE topic.
Ofcourse... this would only work if
is
model method changes also....It should need to do
Acl.check
only scoped roles, so maybe something like this:What do you think?
The text was updated successfully, but these errors were encountered: