Polymorphic permissions

[atrauzzi]

Might be nice to be able to have permissions specified against multiple types of data.

Either by class (id column is null), or instance (id column is not null).

Also global permissions are possible by having both class and id as null.

See this rails package for an idea as to how useful it can be: http://eppo.github.com/rolify/

[andrew13]

Very interesting idea and thanks for the link to the rolify. I'll review it and see what can be added without making it too complicated.

[andrew13]

I took a longer look at the rolify, not quite sure what it provides without installing it and testing it.

[andrew13]

I think I see what you mean. Be able to specify a role or permission against a specific class or object. I think thats a really neat idea, but I think it's beyond the scope of entrust at the moment.

[nicodemuz]

+1

This would be exactly what I need! :)

[phazei]

That would be great. Currently building a CMS that manages multiple sites. Users will have a edit permission but only for a particular site, or multiple sites for example. This feature would be really useful.

[carcinocron]

:+1:

[dambridge]

Not sure if I follow correctly, but would this satisfy a mult-tenant situation, ie, using 'tenant_id' column?

[adanarchila]

+1

[deardooley]

+1

[deardooley]

I had a pressing need for something like this, so I went ahead and implemented it. The pull requests is https://github.com/Zizaco/entrust/pull/245. You will need to migrate your pivot table if you are already running this on your site. If this gets merged, I will port it to L5 as well. As I'm not using L5 at the moment, that wasn't a top priority for me, but I'm happy to give back.

[georgeboot]

I really like this idea! I searched a lot for a perfect rbac library for Laravel that does support object based permissions, and this would be it.

For me I need specific roles per event. Organisers have their own events which they can edit, but moderators get assigned to certain events, on which they need to perform certain tasks. Having a way of combining permissions with objects would solve this matter completely.

[ThemePlugger]

+1