api-platform / core

The server component of API Platform: hypermedia and GraphQL APIs in minutes
https://api-platform.com
MIT License
2.45k stars 882 forks source link

[Question] Multiple user roles based on the user membership #2778

Closed andrea-wood closed 3 years ago

andrea-wood commented 5 years ago

Hi, I have an application where one user can be linked to multiples companies with distinct permissions. For example:

It's clear that I can't rely on the standard Symfony roles system in the User entity to check the permission of the user. My actual implementation is three tables User, UsersCompaniesPermissions and Company with this kind of relation:

User <--oneToMany -- UsersCompaniesPermissions -- oneToMany --> Company

The relation table between User and Company contains the roles field of the user for each company. To check the user's permissions I use on the GET operations a custom query with some SQL joins, and for the other operations (POST, PUT, DELETE) a custom voter. Even if it works, I feel it's not the best way to achieve this. Is this the right way to proceed?

P.S. Congratulations for the awesome work.

soyuka commented 3 years ago

Greetings! We appreciate your concern but weren't able to reproduce this issue or it is more of a question. As described in the API Platform contributing guide, we use GitHub issues for bugs and feature requests only.

For support question ("How To", usage advice, or troubleshooting your own code), you have several options:

Feel free reach one of the support channels above. In the meantime we're closing this issue.