Consider introducing a new authorization rules model #13277
Labels
theme: partner-use-cases
Use cases we identified with a partner (an established contributor)
type: enhancement
A general enhancement
Comments
|
It might be useful for you to provide an example of where the current authorization is not working and what it might look like from a users perspective. |
sjohnr
added
the
theme: partner-use-cases
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We should consider introducing a new authorization rules model.
Defining the authorization rules should be simple and natural and more importantly should work with any "secured resource". The "secured resource" could be any of the following: a web endpoint, an object instance, a method on an object instance, a group of object instances, etc.
We should also ensure that other 3rd party authorization libraries/frameworks can be plugged-in as extension implementations.
Related gh-13266
The text was updated successfully, but these errors were encountered: