Permissions on routes rather than on resources
Closed this issue · 2 comments
Is there a possible way to give permission to an access group on routes. The routes can be dynamic too.
For example:
nacl.json
looks like:
[{ "group": "user", "permissions": [{ "resource": "fans/:id/size", "methods": [ "POST", "GET", "PUT" ], "action": "allow" }] }]
This does not work until I change resource to "resource": "fans"
And if this is not possible do we have to extend the package?
@aitchkhan This functionality has not been considered yet. I am actually impressed with your look of things. The way this module works is it picks the resource from your route, and matches it against your rules. I am positive we can extend this package to cater for this situation.
Would you mind taking a lead on this?
@aitchkhan this functionality has been fulfilled by PR #91