[Enhancement] Support OR condition for permission checking

Question

[Enhancement] Support OR condition for permission checking

Closed this issue 3 years ago · 2 comments

I am currently using rbac service for the below use case:
ADMIN -> USER -> VIEWER

I understand that the current inheritance supports 1 level only. If I define VIEWER permission, then ADMIN might not be able to use it. Therefore, I am currently adding a helper function that:

allows list of list of permissions input (string[][])
loop through each of the permission list to check
given at least 1 permission list returns true, then the user is authorized

const promises = permissions.map(async permission => {
  return (await this.rbac.getRole(role)).can(...permission)
})
const authorized = (await Promise.all(promises)).some(result => result)

Would like to know if it makes sense to you all. If then, I may open a PR for this feature.

Answer 1 · 2021-04-30T07:18:30.000Z

@eltonlau1994 thanks for using RBAC! It'll be great to see PR

Answer 2 · 2021-05-01T00:18:02.000Z

#72 - any & anyAsync PR is in place, see if it helps.