You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
as mentioned in #248 we can generate additional per-route middleware for each operation. Currently, RBAC is implemented by generating this huge interface from which the implementation maps operations to either a permission, a rather obscure "this route is permissioned but it's implemented elsewhere due to ownership rules etc" and "no permission required".
It could also make sense to include the permissions even of operations that aren't explicitly checked at the middleware layer but are checked later based on data queried (such as ownership)
/threads:
patch:
x-storyden-rbac:
permission: UPDATE_THREADchecked_internally: true # skips checking at middleware, assumes it will be checked at service layer
The text was updated successfully, but these errors were encountered:
as mentioned in #248 we can generate additional per-route middleware for each operation. Currently, RBAC is implemented by generating this huge interface from which the implementation maps operations to either a permission, a rather obscure "this route is permissioned but it's implemented elsewhere due to ownership rules etc" and "no permission required".
This can be better expressed in OpenAPI:
It could also make sense to include the permissions even of operations that aren't explicitly checked at the middleware layer but are checked later based on data queried (such as ownership)
The text was updated successfully, but these errors were encountered: