@casl & Hasura permissions for multiple roles #32
Description
@msvoro, this issue continues #31
Pages accessible only for certain roles
- Show hide menu using https://github.com/stalniy/casl
- Configure multiple roles and permissions https://hasura.io/docs/latest/graphql/core/auth/authorization/permission-rules.html
Entity Fields accessible only for certain roles
- Show hide entity fields using https://github.com/stalniy/casl
- use graphql query directives
@skip/@includeaccording to permissions https://hasura.io/docs/latest/graphql/core/databases/postgres/queries/variables-aliases-fragments-directives.html for individual fields
Extend Hasura for quering permissions
Implement either hasura action (on top of hasura permissions tables/views or rest api https://hasura.io/docs/latest/graphql/core/auth/authorization/permission-rules.html) or postgres function
query currentUserAbilities {
currentUserAbilities {
action
subject
fields
conditions
}
]
returns:
[
{
action: ['select', 'insert', 'update'],
fields: ['id', 'seq', 'name', ...],
subject: 'Entity1',
conditions: { created_by: '%current_user%'}
},
{
inverted: true,
action: ['select', 'insert', 'update', 'delete'],
fields: ['id', 'seq', 'name', ...],
subject: 'Entity2',
conditions: { created_by: '%current_user%'}
}
]
FYI, this example pull request will be used for codegen as an example.