Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Permission no matter role #651

Open
WildEgo opened this issue May 21, 2021 · 3 comments
Open

Permission no matter role #651

WildEgo opened this issue May 21, 2021 · 3 comments

Comments

@WildEgo
Copy link

WildEgo commented May 21, 2021

Hey!
So I didn't find anything on the documentation about this so I do not know if it's possible and if it is I'd really appreciate if you could guide me in the right direction, so below is my roles object and with it I'd like to see independently of my roles if I have the permission view users for example.

   "Admin":[
      "view users",
      "create users",
      "edit users",
      "edit self",
      "view tenants",
      "create tenants",
      "edit tenants",
      "delete tenants",
      "view plans",
      "create plans",
      "edit plans",
      "delete plans",
      "restore plans"
   ],
   "User":[
      "edit self",
      "view tenants",
      "view plans"
   ]
}

Is it possible to do so? My current route setup for the users is depicted below and I'd expect to be able to check for the permission on my children's meta with something like permission: 'view users'.

    {
        path: '/users',
        component: RouterView,
        meta: {
            auth: true,
        },
        children: [
            {
                name: 'users',
                path: '',
                component: Users,
            },
            {
                name: 'user',
                path: ':user',
                component: User,
            },
        ],
    }

Sorry if the question is poorly worded my brain is rather scrambled at the moment.

Thanks for any help in advance,
Luis Bizarro.
@websanova
Copy link
Owner

Ok, so I've made an update to better support this kind of a setup to allow optionally setting the rolesKey via the auth meta. You will need to get the latest version for this 4.1.2.

Example in the demo: https://github.com/websanova/vue-auth/blob/master/demos/2.x/src/router/index.js#L54

So in your situation a route could look something like:

        meta: {
            auth: {
                roles: ['edit self, 'view tenants'],
                rolesKey: 'User'
            }
        },

@websanova
Copy link
Owner

websanova commented May 22, 2021
edited
Loading

@WildEgo also note that the roles only require one hit, so it's basically "OR" operation, if you want some kind of "AND" operation, then probably you need more of a "role" / "permissions" type setup where a head role like "tenant admin" would grant general access to tenants area and then within that area you would use the $auth.check() method for toggling interface elements (via permissions).

@WildEgo
Copy link
Author

WildEgo commented May 22, 2021

@WildEgo also note that the roles only require one hit, so it's basically "OR" operation, if you want some kind of "AND" operation, then probably you need more of a "role" / "permissions" type setup where a head role like "tenant admin" would grant general access to tenants area and then within that area you would use the $auth.check() method for toggling interface elements (via permissions).

So basically what I was thinking is not needing to pass a rolesKey so I can basically ignore whatever roles they have but just look for a permission? I'm not sure if that's the result u're providing with the change, either way it's good QOL changes.

Thank you for the amazing package!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@websanova @WildEgo