derekjwilliams / first-next-auth

https://first-next-auth-eight.vercel.app
0 stars 0 forks source link

Explore RBAC (Role based access control) #4

Open derekjwilliams opened 7 months ago

derekjwilliams commented 7 months ago

Roles such as Service Technician, Administrator, Tenant, Lessee, Lessor, Maintenance Manager, will be need to set permissions on what actions can be take on Service Requests.

See the Redmine project for some ideas: e.g. https://www.redmine.org/projects/redmine/wiki/PtBRRedmineRoles

"Roles lets you define the permissions that the members have on a project. Each member of a project has one or multiples Role(s) for the project. A user can have different roles for different projects.

You can create new roles or edit existing ones. You can delete a role only if nobody has this role on a project."

derekjwilliams commented 7 months ago

Cerbos looks great, supports both RBAC and ABAC: https://www.cerbos.dev/

derekjwilliams commented 6 months ago

Cerbos identified as the best candidate, working to implement a POC

derekjwilliams commented 4 months ago

Supabase guides:

https://supabase.com/docs/guides/database/postgres/custom-claims-and-role-based-access-control-rbac

https://github.com/point-source/supabase-tenant-rbac