PermissionPartial: allow to check if after removal user will still have permission
Closed this issue · 1 comments
mmnosek commented
In SWO project I edit permissions related to object on its page. I don't want the user to remove the last group which gives him permission to access this page. As the rules might be very complex, actually the only way to check if removing won't delete the last group giving permission to current user is IMO:
- Try to delete in separate, nested transaction
- If the user has still permission, just delete it in "regular" transaction scope.
- If the user has no permission afterward, rollback nested transaction and dispatch an event.
It should allow avoiding described situation.
cc @joozek78