fastify-swagger icon indicating copy to clipboard operation
fastify-swagger copied to clipboard

Published 20 hours ago verified publisher icon fastify

hide route based on user scope ?

Open x-077 opened this issue 2 years ago • 3 comments

Prerequisites

  • [X] I have written a descriptive issue title
  • [X] I have searched existing issues to ensure the issue has not already been raised

Issue

Hello,

Let say an app have 3 scope of permission ( user / moderator / admin ) . Is there a way to hide the route that a user is not supposed to use ?

For example, someone with admin scope could see all the routes while someone with moderator or user would have a limited view ?

Thanks

x-077 avatar Jul 06 '22 07:07 x-077

I don't think this is possible at the moment. However, it would be a good feature to add some hooks for customizing the definition on the fly.

Would you like to send a Pull Request to address this issue? Remember to add unit tests.

mcollina avatar Jul 06 '22 13:07 mcollina

hello @mcollina ,

I can try but I'm not really familiar with this plugin or swagger/openapi in general.

Looking at the code, I was wondering if it could not be possible to do it in the shouldRouteHide method.

I did not spend enough time yet reading the code, so Im not sure if that method is call at runtime/fly or prior fastify start ( like a plugin would do when calling register(....) ).

x-077 avatar Jul 07 '22 03:07 x-077

That'd be where I would put this logic. However it requires some refactoring to get this implemented.

mcollina avatar Jul 07 '22 06:07 mcollina