onury
wilcard for user and resource
I want to do this:
let grantsObject = {
'*': {
'*': {
'create:any': ['!*'],
'read:any': ['!*'],
'update:any': ['!*'],
'delete:any': ['!*']
}
}
};
//......... add more reading database
const ac = new AccessControl(grantsObject);
but I having this error:
Unhandled rejection AccessControlError: Cannot use reserved name "*" for a resource.
so, is there any way to add a default permission for all users and all resources?
In our case, we would like to grant anyone permission to read:own any resources. Seems not possible at the moment.
To expand on this, I'd love an api like this:
ac.grant('user').resource('resource_one').action('create', 'any')
ac.grant('user').resource('resource_two').action('edit', 'own')
allowing
ac.grant('user').resource('resource_one').action('*', 'any')
or
ac.grant('admin').resource('*').action('*', 'any')
or some other combination that you could imagine!
There's an (intermediate) solution to your problems https://github.com/anodynos/accesscontrol-re :-)
I want to do this:
let grantsObject = { '*': { '*': { 'create:any': ['!*'], 'read:any': ['!*'], 'update:any': ['!*'], 'delete:any': ['!*'] } } }; //......... add more reading database const ac = new AccessControl(grantsObject);but I having this error:
Unhandled rejection AccessControlError: Cannot use reserved name "*" for a resource.so, is there any way to add default permission for all users and all resources?
I think instead of granting all permissions to all roles using *. Have a default role that is granted to everyone and then use that role to grant all permissions.
