github-actions[bot]
commented
1 year ago Stale issue message
Open darh opened 1 year ago
github-actions[bot]
commented
1 year ago Stale issue message
github-actions[bot]
commented
1 year ago Stale issue message
Base problem to solve
Letting RBAC (and other facilities) perform operations based on hierarchical relationship between resources, such as users and record ownership.
One of the requested use-cases is to support contextual roles where they would be applied in cases where user A is the parent of user B (such as a plain manager-like relationship).
Important: this use in contextual roles is a must-have for this version.
Abstract solution
Define (some) resources in a dependancy graph where we can utilise standard graph traversal algorithms to support operations such as "is user A directly above user B" or "is user B somehow related to user A".
We can define a new reusable service (inside
pkg) which would manage this dependancy graph and allow us to perform generic query operations over it. Connections can also define some metadata on them which would let us squash multiple uses into a single graph.To consider there are some graph-like databases out there; could we utilise one of them? Preferably one that doesn't persist data.
Graph nodes don't need to be anything complicated so we can probably get away with using some existing library instead of defining our own.
Notes
I've left the definition of how the implementation should look like so we can construct it together when we get around to developing it.