gawati / gawati-editor-ui

Gawati Client
GNU Affero General Public License v3.0

Secure documents #14

Open kohsah opened 6 years ago

kohsah commented 6 years ago

User logs in; documents are listed in the Dashboard.

We need to query the roles of the logged in User and list only documents which the user can access.

Currently the documents are listed without checking permissions.

The way to check for permissions is to make a listing query to the client-server with the Authentication bearer token. The server decomposes the bearer token and determines the available roles. Based on the available roles, it makes the query to eXist, which returns a listing filtered on the provided roles.
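
Added example, not part of the original issue or the Gawati code base: a server-side sketch of the flow described above, which verifies the bearer token's signature and expiry before trusting its roles, then filters the listing and fails closed on any token error. Assumptions: the token is an RS256-signed Keycloak access token carrying realm roles in `realm_access.roles`; an in-memory array stands in for the eXist query; the `viewRoles` field, role names, document IRIs and helper names are hypothetical.

```javascript
const crypto = require('crypto');

const b64url = (s) => Buffer.from(s).toString('base64url');

// Verify an RS256 bearer token and return its realm roles; throws on any failure.
function rolesFromBearer(authHeader, publicKey, nowSec = Math.floor(Date.now() / 1000)) {
  const m = /^Bearer ([\w-]+)\.([\w-]+)\.([\w-]+)$/.exec(authHeader || '');
  if (!m) throw new Error('malformed bearer token');
  const [, h, p, sig] = m;
  const header = JSON.parse(Buffer.from(h, 'base64url').toString());
  // Pin the algorithm so a token cannot select "none" or a symmetric alg.
  if (header.alg !== 'RS256') throw new Error('unexpected alg');
  const ok = crypto.verify('RSA-SHA256', Buffer.from(`${h}.${p}`), publicKey,
                           Buffer.from(sig, 'base64url'));
  if (!ok) throw new Error('bad signature');
  const claims = JSON.parse(Buffer.from(p, 'base64url').toString());
  if (typeof claims.exp !== 'number' || claims.exp <= nowSec) throw new Error('expired');
  const roles = claims.realm_access && claims.realm_access.roles;
  return Array.isArray(roles) ? roles : [];
}

// Fail closed: any token problem yields an empty listing, never the full one.
function listDocuments(authHeader, publicKey, docs) {
  let roles;
  try { roles = new Set(rolesFromBearer(authHeader, publicKey)); } catch (e) { return []; }
  return docs.filter((d) => d.viewRoles.some((r) => roles.has(r))).map((d) => d.iri);
}

// --- Constructed sample data: key pair, role names and document IRIs are made up ---
const keys = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const DOCS = [
  { iri: '/sample/doc-1', viewRoles: ['editor'] },
  { iri: '/sample/doc-2', viewRoles: ['editor', 'reviewer'] },
  { iri: '/sample/doc-3', viewRoles: ['admin'] },
];

// Stand-in for the identity provider: signs a token with the constructed key.
function mintToken(claims, privateKey) {
  const h = b64url(JSON.stringify({ alg: 'RS256', typ: 'JWT' }));
  const p = b64url(JSON.stringify(claims));
  const sig = crypto.sign('RSA-SHA256', Buffer.from(`${h}.${p}`), privateKey);
  return `Bearer ${h}.${p}.${sig.toString('base64url')}`;
}

const future = Math.floor(Date.now() / 1000) + 300;
const reviewer = mintToken({ exp: future, realm_access: { roles: ['reviewer'] } }, keys.privateKey);
console.log(listDocuments(reviewer, keys.publicKey, DOCS));
```

In a deployment the public key would come from the realm's published signing keys rather than being generated locally, and the role set would be passed into the eXist query so the filtering happens in the database.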

kohsah commented 6 years ago

Use the updated model realm: https://github.com/gawati/gawati-keycloak-scripts/blob/dev/model_realm/model-realm.json