User needs to be part of specific N groups.(Sorry ...
# spicedbb
bala
02/27/2023, 2:11 PMUser needs to be part of specific N groups.(Sorry for the late response)
bala
02/28/2023, 12:25 PMCan we somehow use caveats to solve this, I am kind of stuck with this.
p
pdow
02/28/2023, 12:53 PMSounds like this might be another use-case for this proposal: https://github.com/authzed/spicedb/issues/597
b
bala
02/28/2023, 1:05 PMcool, should solve this problem. Is there any roadmap for this ?
p
pdow
02/28/2023, 1:06 PMOr, if N is constant, you could define N static relationships and then do an intersection of them
`relation link_1: some_resource_type`and then do
permission allowed = link_1 & link_2 & link_3pdow
02/28/2023, 1:07 PMI'd like to know myself, we've had a use-case for this for a long time but had to end up implementing it in our own middleware (just doing multiple permission checks and requiring them all to pass)
b
bala
02/28/2023, 1:08 PMyea I was able to do that way, but in our case N is not static.
https://discord.com/channels/844600078504951838/844600078948630559/1078323834094108692
bala
02/28/2023, 1:10 PMThen did you implement caching in the middleware as well, also reverse indexing could have potential performance problems ?
p
pdow
02/28/2023, 1:11 PMWe just do the checks all in parallel, for our use-case the performance is good enough without extra caching etc.
pdow
02/28/2023, 1:11 PMAnd we don't need to enumerate resources for this, just check specific ones. Enumerations would be much harder