iteria-app / material-ui-starter

We are testing Iteria Lowcode using Material-UI components

https://demo.iteria.tech

MIT License

1 stars 18 forks source link

`@casl` & Hasura permissions for multiple roles #32

Open jozef-slezak opened 3 years ago

jozef-slezak commented 3 years ago

@msvoro, this issue continues #31

Pages accessible only for certain roles

[ ] Show hide menu using https://github.com/stalniy/casl
[ ] Configure multiple roles and permissions https://hasura.io/docs/latest/graphql/core/auth/authorization/permission-rules.html

Entity Fields accessible only for certain roles

[ ] Show hide entity fields using https://github.com/stalniy/casl
[ ] use graphql query directives @skip/@include according to permissions https://hasura.io/docs/latest/graphql/core/databases/postgres/queries/variables-aliases-fragments-directives.html for individual fields

Extend Hasura for quering permissions

Implement either hasura action (on top of hasura permissions tables/views or rest api https://hasura.io/docs/latest/graphql/core/auth/authorization/permission-rules.html) or postgres function

query currentUserAbilities {
  currentUserAbilities {
    action
    subject
    fields
    conditions
  }
]

returns:

[
  {
    action: ['select', 'insert', 'update'],
    fields: ['id', 'seq', 'name', ...], 
    subject: 'Entity1',
    conditions: { created_by: '%current_user%'}
  },
  {
    inverted: true,
    action: ['select', 'insert', 'update', 'delete'],
    fields: ['id', 'seq', 'name', ...],
    subject: 'Entity2',
    conditions: { created_by: '%current_user%'}
  }
]

FYI, this example pull request will be used for codegen as an example.