Arash
01/24/2022, 7:02 PMorganization
and user
definitions that you'd see in most examples. I've also read through the github and watched the google groups blog posts, but I haven't found a elegant/recommended/typical way to model an edit
permission on a user. In my model, the only ones that should be allowed to edit a user's profile are:
* The user themself
* An administrator.
I've modeled the ability to edit one's personal profile with a self
relation in the user
definition, but it seems inelegant. Is there a simpler pattern that I'm missing? Thanks in advance.
definition user {
relation self: user
relation viewer: user
relation organization: organization
permission edit = self + organization->create_user
permission view = viewer + edit + organization->member
}
definition organization {
relation admin: user
relation direct_member: user
permission member = admin + direct_member
permission create_user = admin
}