dabeast
12/20/2022, 2:30 AMuser:a#view_member:
- “[user:a] is <group:x#member>"
- “[user:b] is <group:x#manager>”
user:b#view_member:
- “[user:b] is <group:x#manager>”
dabeast
12/20/2022, 2:31 AMview_member
permission)Joey
12/20/2022, 2:42 AMview_member
permissiondabeast
12/20/2022, 2:43 AMcaveat
be appropriate here?Joey
12/20/2022, 2:44 AMJoey
12/20/2022, 2:44 AMdabeast
12/20/2022, 2:48 AMview_member
, but couldn't figure out how to, hence my question.Joey
12/20/2022, 2:50 AMJoey
12/20/2022, 2:50 AMJoey
12/20/2022, 2:50 AMdabeast
12/20/2022, 2:50 AMJoey
12/20/2022, 2:50 AMcan_be_viewed
permission on the userJoey
12/20/2022, 2:51 AMdabeast
12/20/2022, 2:58 AMdefinition user {
relation member_group : group#manager
permission can_be_viewed = member_group->group#view_member
}
Joey
12/20/2022, 2:58 AMdefinition user {
relation member_group : group
permission can_be_viewed = member_group->view_member
}
Joey
12/20/2022, 2:58 AMJoey
12/20/2022, 2:59 AMcan_be_viewed
will only be true for any user that shares a group with this userJoey
12/20/2022, 2:59 AMJoey
12/20/2022, 2:59 AMcan_be_viewed
permission on that userdabeast
12/20/2022, 3:14 AMJoey
12/20/2022, 3:17 AMdabeast
12/20/2022, 3:22 AMdefinition group {
relation manager: user
relation member: user
permission view_member = manager + member
}
but am not sure what the lookup-resources call should beJoey
12/20/2022, 3:25 AMdabeast
12/20/2022, 3:27 AMzed
... Any thoughts on what my call should be?Joey
12/20/2022, 3:28 AMdabeast
12/20/2022, 3:42 AMdabeast
12/20/2022, 3:43 AMzed permission lookup-resources user can_be_viewed user:b
gives no outputJoey
12/20/2022, 3:44 AMdabeast
12/20/2022, 3:46 AMJoey
12/20/2022, 4:07 AM