Fixed per-role permissions

[bkabrda]

Hi, this is more of a question than a bug (potentially it may become RFE): I have an application where I want to have:

• users
• possibly multiple roles for each user
• "fixed" set of permissions (possibly growing in time) that I can assign/unassign to/from certain roles

Made-up example:

• There is a developer role and a manager role
• All developers have "change-code" permission and "create-new-repository" permission
• All managers have "manipulate-team-members" permission
• After a while, I decide that developers are creating too many repos, so I want to move the permission from developers to managers - just by changing permissions that are associated to these roles in DB, I don't want to touch application code

AFAICS this is not supported approach at this time, cause it would need adding a permission model with M:N relation to role model. I think this should be pretty easy to actually add to my application while still using flask-principal, but I wanted to ask if there's a preferred/recommended way of doing this or if you have some plans in this direction (or if I'm just missing something and doing everything wrong ;)). Thanks!

[madslundgaard]

Hi @bkabrda, Død you find a good way to implement. I am facing similar a challenge.