-
|
Is it possible to control read/write access to a field for an entity based on a condition? For example, how would I only allow users to add/remove roles that have a ranking <= to their current role? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 2 replies
-
|
I think this is very application specific logic. The Typetta security does not provide such feature. If you are using the autogenerated operations I would suggest to override all the resolvers that does not fit your application by decorating it with your custom logic. Does it make sense? |
Beta Was this translation helpful? Give feedback.
-
|
Yea that makes sense, I ended up putting this logic inside of my security context generation code. |
Beta Was this translation helpful? Give feedback.
-
|
I think you can try to achieve this result in a more declarative way defining a permission connected to your logic and the defining a policy connected to a projection of the entity like described here https://twinlogix.github.io/typetta/chapters/advanced/security#permissions-on-entity-projections |
Beta Was this translation helpful? Give feedback.
I think this is very application specific logic. The Typetta security does not provide such feature. If you are using the autogenerated operations I would suggest to override all the resolvers that does not fit your application by decorating it with your custom logic. Does it make sense?