-
Notifications
You must be signed in to change notification settings - Fork 381
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
I would like to be able to set permissions from a DB table rather than hard coded in a permissions set. #709
Comments
You should not do a function call at compile time to find the permissions (Notice that you are calling a function). That is why when you try to compile the code, it fails because you haven't started the repository and whatnot needed to call the database. Your intent could be achieved by passing an MFA configuration that could be called to fetch the permissions instead, something like: use Guardian, otp_app: :dynamic,
permissions: {BaseStructures, :get_table_permissions!, []} I am not sure if this is supported yet, but a PR is welcomed. |
I believe it's a tuple (threeple) But that won't work still because permissions are cached at compile time. (I just made it so only permissions are resolved at compile time instead of all config). That would need to be changed for this kind of resolution to work for permissions. From what I'm seeing, the compile time pieces look like they might be optimizations that could just be read at runtime? |
I fixed it; I meant to use a tuple instead of a list.
I hear you. The idea is moving it at runtime 🤷🏻 otherwise, no way we could figure this one out as far as I can tell. |
I forked this repo as a POC to see if I could approach it with this capability, fork instead of PR at first because I wasn't sure if this was done intentionally or not. Perhaps for added security ??? not sure. POC here: https://github.com/kairos0ne/guardian Its a bit rudimentary - Added a update_permissions(perms) function. It can certainly can be improved.
Then you can call update_permissions from you Guardian module implementation. I also changed the permissions module to support run time updates. If you guys have any suggestions or improvements let me know. |
Please create a PR in Draft. That will help me to follow exactly what you have done so far since otherwise it is hard for me to follow the work. |
Sure I'll create a draft PR and a pull in all the changes np |
@kairos0ne, any updates from your end? |
Let me take a look... |
This issue has been automatically marked as "stale:discard". If this issue still relevant, please leave any comment (for example, "bump"), and we'll keep it open. We are sorry that we haven't been able to prioritize it yet. If you have any new additional information, please include it with your comment. |
Problem Statement
I tried to get the permissions structured correctly for Guardian in my Guardian module like so.
However I get this error:
Solution Brainstorm
Any thoughts on how to support this or if Im in fact missing something fundamental.
The text was updated successfully, but these errors were encountered: