Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

wilcard for user and resource #58

Open
joneldiablo opened this issue Oct 25, 2018 · 4 comments
Open

wilcard for user and resource #58

joneldiablo opened this issue Oct 25, 2018 · 4 comments
Labels
feature request Considered to be implemented.

Comments

@joneldiablo
Copy link

joneldiablo commented Oct 25, 2018
edited
Loading

I want to do this:

let grantsObject = {
        '*': {
          '*': {
            'create:any': ['!*'],
            'read:any': ['!*'],
            'update:any': ['!*'],
            'delete:any': ['!*']
          }
        }
      };
//......... add more reading database
const ac = new AccessControl(grantsObject);

but I having this error:
Unhandled rejection AccessControlError: Cannot use reserved name "*" for a resource.

so, is there any way to add a default permission for all users and all resources?
@gregwym
Copy link

gregwym commented Dec 11, 2018
edited
Loading

In our case, we would like to grant anyone permission to read:own any resources. Seems not possible at the moment.

@gausie
Copy link

gausie commented Feb 6, 2019
edited
Loading

To expand on this, I'd love an api like this:

ac.grant('user').resource('resource_one').action('create', 'any')
ac.grant('user').resource('resource_two').action('edit', 'own')

allowing

ac.grant('user').resource('resource_one').action('*', 'any')

or

ac.grant('admin').resource('*').action('*', 'any')

or some other combination that you could imagine!

@onury onury added the feature request Considered to be implemented. label Feb 7, 2019
@anodynos
Copy link

There's an (intermediate) solution to your problems https://github.com/anodynos/accesscontrol-re :-)

@hamxabaig
Copy link

I want to do this:

let grantsObject = {
        '*': {
          '*': {
            'create:any': ['!*'],
            'read:any': ['!*'],
            'update:any': ['!*'],
            'delete:any': ['!*']
          }
        }
      };
//......... add more reading database
const ac = new AccessControl(grantsObject);

but I having this error: Unhandled rejection AccessControlError: Cannot use reserved name "*" for a resource.

so, is there any way to add default permission for all users and all resources?

I think instead of granting all permissions to all roles using *. Have a default role that is granted to everyone and then use that role to grant all permissions.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature request Considered to be implemented.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@gausie @gregwym @anodynos @onury @hamxabaig @joneldiablo