oso
oso copied to clipboard
opensource-observer
Add authorized resources to Graphql Context
We should add data to the Graphql Context when checking user access to Organization / Resources (notebooks, datasets, etc) to avoid re-checks.
We can store an authorized object in the context and use it as a cache. We can add different keys to the cache, for example: ORGS will have a set of ids that the user has a membership, and if the key exists we don't have to query the DB, just return the list. This way we can also add check to the parentOrgIds just to be safe.
In the future this should also store the access level of ther user for each resource:
{
"authorized": {
"org_key": {
"org-id-1": "admin",
"org-id-2": "member"
}
}
}
![linear[bot] avatar](https://avatars.githubusercontent.com/in/20150?v=4 "Published by a pub.dev verified publisher"){kind=small}