This plugin demonstrates how we can use custom code to manage custom permissions.
Let's assume that we have an application in which we do not want to allow non-admin users to view, update or delete other user's items.
Run assertCanUpdate before the request:
Run addQueryFilter before the request:
Run assertCanRead after the request:
ForbiddenError
response otherwiseRun filterMgetResult after the request:
Clone this repository locally and make it accessible from the plugins/enabled
directory relative to the Kuzzle installation directory. A common practice is to put the code of the plugin in plugins/available
and create a symbolic link to it in plugins/enabled
.
Note. If you are running Kuzzle within a Docker container, you will need to mount the local plugin installation directory as a volume in the container.
Please refer to the Guide for further instructions on how to install Kuzzle plugins.