Open robere2 opened 1 year ago
Experimenting with this further, it seems like we can have conditions that go one relation level deep, but nothing beyond that. I'm not quite sure why, however. More investigation is required. Related to https://github.com/rpitv/glimpse/issues/11
Permissions currently cannot be based on the state of relations they carry, however it could prove extremely useful. For example, we may only want to allow a User to read
Video
objects which are linked to aProduction
that is public.These sorts of permission checks would require additional database queries to fetch the relations, and may not be so straightforward to implement.