Are there permissions available?

[rafaellehmkuhl]

On the example client (example/client/src/index.js) you use permissions for displaying or not the users section:

{permissions => [
    <Resource name="posts" {...posts} />,
    <Resource name="comments" {...comments} />,
    permissions ? <Resource name="users" {...users} /> : null,
    <Resource name="tags" {...tags} />,
]}

Are those permissions available? Because as far as I could see on the tokenAuthProvider.ts, only the authentication token is stored locally.

[rafaellehmkuhl]

If you like the idea, I'm thinking about submitting a PR adding the user groups to the token response, like this:

from rest_framework.authtoken.views import ObtainAuthToken
from rest_framework.authtoken.models import Token
from rest_framework.response import Response

class CustomAuthToken(ObtainAuthToken):

    def post(self, request, *args, **kwargs):
        serializer = self.serializer_class(data=request.data,
                                           context={'request': request})
        serializer.is_valid(raise_exception=True)
        user = serializer.validated_data['user']
        token, created = Token.objects.get_or_create(user=user)
        return Response({
            'token': token.key,
            'roles': [g.name for g in user.groups.all()]
        })

which would substitute the default ObtainAuthToken view, and making the corresponding changes on the tokenAuthProvider to make the roles available at the permissions.

[mmodenesi]

Would love to have this.

[vahidqo]

@rafaellehmkuhl could you please explain your method for permission more?

[rafaellehmkuhl]

Sorry, but it has been a long time since I've worked with this and I honest have no clue 😅

@rafaellehmkuhl could you please explain your method for permission more?