Define permissions not based on methods

[EmileSpecs]

Hi @fratzinger

Apologies for asking a question, but I can't seem to get any appropriate documentation on this.

As listed in the readme, one can define permissions not based on methods: Define permissions not based on methods: can('view', 'Settings')

I've added a simple rule (inside defineRulesFor): can('view', 'Map');

I assume I now have to defined what the rule means i.t.o the Feathers services' CRUD operations? How does one implement such a permission rule?

[fratzinger]

Hey @EmileSpecs,

what do you expect can('view', 'Map') will do? I use exactly this type of rules (with a view-action). I define the rules on the server side. With the authentication/login, they get passed to the client side, where I take those and pass them to @casl/vue. Now I can use it there like: https://feathers-casl.netlify.app/client-side.html#just-use-it but the server side just ignores the rules. It's just for having a single source of truth for rules.

For my use-case the view-rules are totally decoupled from the crud-rules. I use the view-rules to hide e.g. MenuItems, or make routes from VueRouter not accessable for certain users. It's more like a kind of sugar.

Which client side framework do you use (angular, react, vue)? And how do you want to use the view-actions? What do you expect from it? 😃

[fratzinger]

closing due to inactivity. @EmileSpecs is there something left?

[EmileSpecs]

Hi @fratzinger Sorry, I thought I did reply but seems like I intended to but then didn't!

My intent was to use it more like the a kind of "sugar" as you mentioned. For some reason my initial attempt to use it this way (not CRUD rules) didn't work, but subsequently it did.

Thanks for the answer and clearing it up for me.

[fratzinger]

Perfect. Let me know, if there's something else.