SoftInstigate / restheart

Rapid API Development with MongoDB
https://restheart.org
GNU Affero General Public License v3.0

Need a way to surface user permissions for a db or collection to the client #156

Closed jbrownD3 closed 8 years ago

jbrownD3 commented 8 years ago

One thing I would like to do is to integrate my UI menus with the role permissions in RESTHeart. I was thinking that the API could expose an API allowing the client to query the permission set for a given DB or collection. Using this, I would hide/show different menu options in my UI. One part of that might be to store the role/predicate pairs in the db, though I think it could be done in a way that would work with SimpleAccessManager as well as any custom access manager. I guess the first question would be, what should the URL look like if we want to surface this query?

ujibang commented 8 years ago

The default configuration file binds an ApplicationHandler called GetRoleHandler.

This allows the request GET /_logic/roles/<userid> that returns (only if userid is the request authenticated user, otherwise you get 403 Forbidden):

{
    "_embedded": {},
    "_links": {
        "self": {
            "href": "/_logic/roles/user@si.com"
        }
    },
    "authenticated": true,
    "roles": [
        "USER"
    ]
}

Note the roles array. This gives back the roles of the authenticated user. You can use it to build your UI according to the user's roles.

Documentation page reference is https://softinstigate.atlassian.net/wiki/x/JgDM

Does this fit your needs?
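
Added example, not part of the thread or of RESTHeart's own code: a client-side sketch that turns the /_logic/roles/<userid> response shown above into a set of visible menu entries, showing nothing on a 403, a malformed body, or an unknown role. The menu ids, the "ADMIN" role, and the baseUrl and authHeader parameters are assumptions.

```javascript
// Added example. Menu ids and the role-to-menu mapping are hypothetical;
// "USER" is the role from the sample response, "ADMIN" is assumed.
// A Map (not a plain object) so a role named "constructor" cannot match.
const MENU_BY_ROLE = new Map([
  ["USER", ["browse"]],
  ["ADMIN", ["browse", "edit", "manage-users"]],
]);

// Pull roles out of a GET /_logic/roles/<userid> response. Fails closed:
// any non-200 status (e.g. 403 for another user's id) or unexpected
// body shape yields no roles, so no menu entries are shown.
function rolesFromResponse(status, body) {
  if (status !== 200 || body === null || typeof body !== "object") return [];
  if (body.authenticated !== true || !Array.isArray(body.roles)) return [];
  return body.roles.filter((r) => typeof r === "string");
}

// Union of menu entries for the given roles; unknown roles add nothing.
function visibleMenus(roles) {
  const menus = new Set();
  for (const role of roles) {
    for (const item of MENU_BY_ROLE.get(role) || []) menus.add(item);
  }
  return [...menus].sort();
}

// Fetch the roles for the authenticated user and derive the menu.
// baseUrl and authHeader are supplied by the caller (assumptions here).
// This drives presentation only; the server's access manager still
// decides whether each request is allowed.
async function loadMenus(baseUrl, userid, authHeader, fetchImpl = globalThis.fetch) {
  const url = baseUrl + "/_logic/roles/" + encodeURIComponent(userid);
  let res;
  try {
    res = await fetchImpl(url, { headers: { Authorization: authHeader } });
  } catch (err) {
    return []; // network failure: show nothing rather than guess
  }
  const body = res.status === 200 ? await res.json().catch(() => null) : null;
  return visibleMenus(rolesFromResponse(res.status, body));
}
```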

ujibang commented 8 years ago

Closing now. If you need more support, feel free to reopen.