Regaez / grav-plugin-api

A REST API plugin for GravCMS
MIT License
27 stars 6 forks source link

feat: access role permissions per endpoint/method #4

Closed Regaez closed 4 years ago

Regaez commented 7 years ago

It could be nice to allow the ability to specify roles for the API endpoints from within the plugin config.

For example, a user might require the admin.super role in order to be able to use DELETE /pages, but does not require any role to use GET /pages

Regaez commented 5 years ago

Furthermore, it could be nice to have a generic api.super role that allows you to do anything with the API, but have more specific api.page.get or api.page.delete etc to allow for fine-grained permissions. Possible scopes:

Generic

Pages

Users

Plugins

Configs

khanduras commented 4 years ago

Data: