authzed
How can I check resource permission with resource attribute ? #2372
-
definition user {
}
caveat is_public(public bool) {
public
}
definition resource {
+ attribue is_public: bool
- relation viewer: user | resource with is_public
relation writer: user
+ permission view = viewer + writer + resource->is_public
}Is is so expensive for every turple write with |
Beta Was this translation helpful? Give feedback.
Answered by
vroldanbet
Apr 29, 2025
Replies: 1 comment
-
|
We don't typically recommend using caveat for this because it is not a dynamic aspect of the resource - caveats were designed to be used for anything that can only be defined at request time (think anything that comes along your application's API request). You can easily model this using wildcards: |
Beta Was this translation helpful? Give feedback.
0 replies
Answer selected by
vroldanbet
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We don't typically recommend using caveat for this because it is not a dynamic aspect of the resource - caveats were designed to be used for anything that can only be defined at request time (think anything that comes along your application's API request).
You can easily model this using wildcards: