search

DirectoryTree / Authorization

Easy, native Laravel user authorization.
MIT License
161 stars 7 forks source link

Scoping Roles/Permissions #12

Open kurucu opened 2 months ago

kurucu commented 2 months ago

Sorry to raise an issue for this - if there's a better way, please let me know.

Any thoughts on scoping of roles to e.g. a project - so users could have different roles on different projects?

Similarly, what about scoping permissions to a specific model (e.g. updating a specific post).

stevebauman commented 2 months ago

Hey @kurucu! Great questions.

Any thoughts on scoping of roles to e.g. a project - so users could have different roles on different projects?

This is basically like having a "team" or "company" role/permissions -- I'd be down to have this 👍

Similarly, what about scoping permissions to a specific model (e.g. updating a specific post).

I'm not sure if this would be easily done or easily manageable. You'd have to create a new DB record for every user to store their access to the specific model (correct me if I'm wrong).

kurucu commented 2 months ago

Hey @stevebauman! Thanks, and great work.

This is basically like having a "team" or "company" role/permissions -- I'd be down to have this 👍

Yep - I could have phrased that better, it's probably classic multi tenancy. I'm imagining something like the Scope attribute with the nested set package.

I'm not sure if this would be easily done or easily manageable. You'd have to create a new DB record for every user to store their access to the specific model (correct me if I'm wrong).

You're probably right. I'll have a think about what I'm after here and see a better way.