https://authzed.com logo
Title
s

Singha1

01/26/2023, 4:46 PM
How can I improve Schema for, There are APIs and APIs have response fields. If user is allowed at API level, they get access on all fields of an API. User can be restricted to specific fields of a given API. I am able to model this, as below definition api {     relation allowed: externaluser     permission view = (allowed) - restricted } 
 definition api_response_fields {     relation api: api     relation restricted: externaluser     permission view = (api->view) - restricted } but challenge with this schema is, I have to make multiple checks to make correct decision, to check field level access for a user for a given API. 1. Get all the fields for a given API. 2. Check User’s access on those specific fields.