DOPΣ - Should peeps can manage org should also ...
Should peeps can manage org should also able to manage child packages operations?
Like the. What they can do respective to important file compinent
10 Replies
package.user_permissions.can_manage_package is supposted to tell you
in general, whenever a user is requesting to modify a thing, the thing will have user_permissions saying what the user is allowed to doso for re request ai stuff, which perms should be there?
that's also
can_manage_package
if it's on the package it's can_manage_package
if it's related to org management, e.g. adding a member, it's on the org
eventually there is also stuff like can_read_package but not can_manage_packageugh so i need to revamp permissions thing
im thinking of flag alike system, so it would be like this instead
if (!org.user_permissions.can_manage_org) {
return ctx.error(403, {
error_code: "not_authorized",
message: "You do not have permission to manage this organization",
})
}
is that ok?
that makes sense if the user is trying to add a member yes
but idk if we're still talking about package management
i was talking abt schema, currently getorg returns can_manage_org independently, but now im thinking to do it under user_perms
yea should always be
org.user_permissions/resource.user_permissions, that will help us keep things standardEta Monday