marcelgwerder / laravel-api-handler

Package providing helper functions for a Laravel REST-API
Other
152 stars 45 forks

Security question #52

Open mgralikowski opened 6 years ago

mgralikowski commented 6 years ago

Dynamic relationships are very powerful but also a bit insecure. Any experience with securing nested resources? For example, a user is able to get posts with posts?with=author, but posts?with=author.privateSettings should only be downloadable by the author or a supervisor. Any option to set the available relations?

marcelgwerder commented 6 years ago

Yep, there are a few design issues with the current release. This is one of them. I started working on v1.0 a few months ago. It is a complete rewrite and should allow you to have more fine-grained control over such things. With this version, you can define the nested relations that can be fetched using the expandable config and the known dot notation for nested relations. You can find the current state in the next branch. Feel free to check it out. The most basic stuff should already work, but I didn't yet find the time to make it release-ready. If you could start a field test, it would certainly help me move forward.
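One way to implement the kind of allowlist discussed in this thread, as an added example that is not the package's own code (neither the released version nor the next branch): a plain PHP allowlist of dot-notation relation paths, with every prefix of an allowed path implicitly allowed (loading author.privateSettings necessarily loads author) and an optional per-path authorization callback so that a sensitive nested relation can be restricted to the author or a supervisor. All names here (filterExpansions, the $policy array, the caller and role fields) are assumptions for illustration, not identifiers from the project.

```php
<?php
declare(strict_types=1);

/**
 * Split a "with" query value into the dot-notation relation paths it requests.
 * Blank entries, duplicates and anything that is not a plain dotted identifier
 * chain are dropped, so the result can only ever name relation methods.
 */
function parseWithParam(string $with): array
{
    $paths = [];
    foreach (explode(',', $with) as $raw) {
        $path = trim($raw);
        if ($path === '' || preg_match('/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)*$/', $path) !== 1) {
            continue;
        }
        $paths[$path] = true;
    }
    return array_keys($paths);
}

/**
 * Expand an allowlist so that every prefix of an allowed nested path is also
 * allowed: permitting "author.publicProfile" necessarily permits "author".
 */
function expandAllowlist(array $allowed): array
{
    $set = [];
    foreach ($allowed as $path) {
        $segments = explode('.', $path);
        for ($i = 1; $i <= count($segments); $i++) {
            $set[implode('.', array_slice($segments, 0, $i))] = true;
        }
    }
    return $set;
}

/**
 * Return which requested relation paths this caller may eager-load.
 * $policy maps a relation path to a callback deciding whether the caller may
 * expand it; allowlisted paths without a policy entry are open to everyone.
 * Anything not allowlisted is denied, never silently loaded.
 */
function filterExpansions(string $with, array $allowed, array $policy, array $caller): array
{
    $allowedSet = expandAllowlist($allowed);
    $granted = [];
    $denied = [];
    foreach (parseWithParam($with) as $path) {
        if (!isset($allowedSet[$path])) {
            $denied[] = $path;
            continue;
        }
        // Every prefix must pass its policy too, so "author.privateSettings"
        // cannot bypass a policy placed on "author".
        $segments = explode('.', $path);
        $ok = true;
        for ($i = 1; $i <= count($segments); $i++) {
            $prefix = implode('.', array_slice($segments, 0, $i));
            if (isset($policy[$prefix]) && !$policy[$prefix]($caller)) {
                $ok = false;
                break;
            }
        }
        if ($ok) {
            $granted[] = $path;
        } else {
            $denied[] = $path;
        }
    }
    return ['granted' => $granted, 'denied' => $denied];
}

// Constructed configuration (illustrative names, not the package's config):
// which nested relations of "posts" may be expanded, and who may expand the
// sensitive one.
$allowed = ['author', 'author.privateSettings', 'comments'];
$policy = [
    'author.privateSettings' => fn(array $caller): bool =>
        $caller['role'] === 'supervisor' || $caller['id'] === $caller['post_author_id'],
];

// Constructed callers: an unrelated reader, the post's author, and a supervisor.
$reader     = ['id' => 7, 'role' => 'user',       'post_author_id' => 3];
$author     = ['id' => 3, 'role' => 'user',       'post_author_id' => 3];
$supervisor = ['id' => 9, 'role' => 'supervisor', 'post_author_id' => 3];

// A request mixing an open relation, the restricted one, and two paths that
// are not allowlisted at all.
$request = 'author,author.privateSettings,comments.votes,author.password';
print_r(filterExpansions($request, $allowed, $policy, $reader));
print_r(filterExpansions($request, $allowed, $policy, $author));
print_r(filterExpansions($request, $allowed, $policy, $supervisor));
```

Only the granted paths would then be handed to Eloquent's with(); returning the denied list in an error response is often preferable to dropping them quietly, so clients notice a typo rather than assuming the relation is empty. One caveat for list endpoints: a policy keyed on the caller alone cannot express "only the author of each row", because the author differs per post, so for collection routes the sensitive relation itself has to be constrained per row (for example by filtering the relation query) rather than just allowlisted.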