Restrict actions of the marketplace based on sets of permissions #849
Comments
|
This will block on balanced/balanced-api#290 but we can build this into the app right now. Let's assume that the auth server will return a list of permissions and these permissions will reflect actions available to the dashboard. By parsing this list of permissions the dashboard should be able to toggle the buttons and other UI features available to the end user so they do not try and perform operations that they are not allowed to do. In the balanced application we generate enumerate permissions by controller and then an action on the controller. For example: We can begin implementing such a system by writing or integrating a small framework that will toggle functionality by checking for a required permission on the selected marketplace or user. |
|
@daliwali @tarunc @tomdale does Ember.js have a standardized way of using permissions to toggle functionality? There's a few hits on the Google but nothing baked into the core yet from the looks of it. |
|
Good article http://livsey.org/blog/2012/10/16/writing-a-helper-to-check-permissions-in-ember-dot-js/ on this. Seems like we will need to do some version of: |
User Feature:
If I use an API key that can't create debits, I shouldn't be able to create debits on my marketplace.
The text was updated successfully, but these errors were encountered: