User needs to be part of specific N groups.(Sorry ...
# spicedb
User needs to be part of specific N groups.(Sorry for the late response)
Can we somehow use caveats to solve this, I am kind of stuck with this.
Sounds like this might be another use-case for this proposal:
cool, should solve this problem. Is there any roadmap for this ?
Or, if N is constant, you could define N static relationships and then do an intersection of them `relation link_1: some_resource_type`and then do
permission allowed = link_1 & link_2 & link_3
I'd like to know myself, we've had a use-case for this for a long time but had to end up implementing it in our own middleware (just doing multiple permission checks and requiring them all to pass)
yea I was able to do that way, but in our case N is not static.
Then did you implement caching in the middleware as well, also reverse indexing could have potential performance problems ?
We just do the checks all in parallel, for our use-case the performance is good enough without extra caching etc.
And we don't need to enumerate resources for this, just check specific ones. Enumerations would be much harder