sondreb
commented
4 days ago I think maybe this is already possible, by adding an actions section under the role, right? I did a quick verification, and I think it's possible.
Something like this:
structure: {
globalAdmin: {
$role: true,
$actions: [
{
role: 'globalAdmin',
can: ['create', 'read', 'update', 'query', 'subscribe', 'co-update', 'co-delete'],
},
],
},
With this feature, I could give an "employee" the rights to give other employees permissions. The alternative is to host the private key of the DWN on a server and build a custom permission-management API for this purpose.