search

hagopj13 / node-express-boilerplate

A boilerplate for building production-ready RESTful APIs using Node.js, Express, and Mongoose
MIT License
6.99k stars 2.05k forks source link

Multiple roles/permissions #253

Open arximughal opened 1 year ago

arximughal commented 1 year ago

How can I implement multiple roles for a single user given the default config in this boilerplate? e.g., I have a user account with the role user. user role has certain permissions e.g., manageInvoices, getInvoices. But I want one user to have the permission manageOrganization along with the rest of the permissions but I do not want to add manageOrganization permission to all the users who have user role.

Is there any way I can achieve this? Any ideas and suggestions are appreciated!

akshat-khosya commented 1 year ago

Yuu can create middlewares for the different roles.

mrFaizanDev commented 1 year ago

As per the flow, You can add one more role e.g.: 'manager'. Then assign new permission with old one too. / e.g. manager: [manageInvoices, getInvoices, manageOrganization]. It will make your role more readable that it has these permissions without doing any complex code. If this is helpful for you then you can close this issue.