Implementing advanced 2-layer RBAC
I have a more advanced use case for the access plugin.
Yes, I'm using the organization plugin too.
I want to have a role per organization, and each organization will have many projects, and I want a user to also have a role per project.
Can I use the access control to securely check, for example, when a user is in organization A with role member and in project B with role editor?
Can I somehow make an access control that will say he can update this only when he has the editor role?
TL;DR
example roles in organization scope: [owner, admin, member]
example roles in project scope: [admin, editor, viewer]
request comes in for projectId=5
check if this user can update inside this project with id=5
- no, he is not in an organization that this project belongs to
- no, he has only the viewer role in this project
example use cases ^
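
The two-layer check described in the post, written as a stand-alone TypeScript sketch. This is an added example, not part of the original post and not the API of the access or organization plugin. The role names come from the post; the `Store` shape, the `canOnProject` function, the role-to-action table and the sample users are assumptions.

```typescript
// Added example. Role names come from the post; everything else is assumed.
type OrgRole = "owner" | "admin" | "member";
type ProjectRole = "admin" | "editor" | "viewer";
type Action = "read" | "update" | "delete";

// Assumed mapping of project roles to actions (the post only implies editor can update).
const PROJECT_PERMISSIONS: Record<ProjectRole, Action[]> = {
  admin: ["read", "update", "delete"],
  editor: ["read", "update"],
  viewer: ["read"],
};

interface Store {
  projectOrg: Record<number, string>;           // projectId -> owning organization
  orgMembers: Record<string, OrgRole>;          // "userId:orgId" -> organization role
  projectMembers: Record<string, ProjectRole>;  // "userId:projectId" -> project role
}

interface Decision { allowed: boolean; reason: string }

// Constructed sample data: project 5 belongs to organization "A".
const STORE: Store = {
  projectOrg: { 5: "A" },
  orgMembers: { "alice:A": "member", "bob:A": "member" },
  // carol keeps a stale project row but is not a member of organization "A"
  projectMembers: { "alice:5": "editor", "bob:5": "viewer", "carol:5": "editor" },
};

function canOnProject(store: Store, userId: string, projectId: number, action: Action): Decision {
  // Resolve the organization from the project on the server, never from the request.
  const orgId = store.projectOrg[projectId];
  if (orgId === undefined) return { allowed: false, reason: "unknown project" };
  // Layer 1: the user must hold some role in the organization that owns the project.
  const orgRole = store.orgMembers[`${userId}:${orgId}`];
  if (orgRole === undefined) return { allowed: false, reason: "not in organization" };
  // Layer 2: the user's role in this project must grant the requested action.
  const projectRole = store.projectMembers[`${userId}:${projectId}`];
  if (projectRole === undefined) return { allowed: false, reason: "no project role" };
  if (PROJECT_PERMISSIONS[projectRole].indexOf(action) === -1) {
    return { allowed: false, reason: `role ${projectRole} cannot ${action}` };
  }
  return { allowed: true, reason: "ok" };
}
```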