-
Hello there :-) I was wondering if someone from developer team can help us with suggestion or some guidance. Any tips and suggestions are appreciated. Thanks! Our client requested fine-grained permission system for the custom app we build. The custom application contains multiple views/pages and should only be used by specific user groups. We are currently only checking 'ViewProducts' as generic access permission test. After consulting the ct permission docs we concluded that, we can't create our own permissions like 'ViewCustomAuditLog', 'ViewCustomOrderHandling', 'ViewCustomDataExport' ... Is this conclusion correct? We're currently thinking about dirty workarounds e.g. using naming convention in user group names and stuff like this. (If user X is member of group AuditLog show audit log in custom application.) The idea was inspired by inspecting some GraphQL calls. 'FetchLoggedInUser' in particular is interesting one, but return type 'User' misses any user group information.
Best Regards, Chris |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 2 replies
-
Hello @cb-adesso, thank you for creating a discussion regarding this topic! At the moment, our new "Organization-level" Custom Applications don't support such granular permissions. Permissions like We understand that this is essential functionality for our users, so we're planning to introduce granular permissions for Custom Applications as soon as possible. We have just finalized the RFC for this feature and will start the development soon. You can follow this issue to get updates regarding the development progress. On a side note, could you share with us your timeline, so that we could help you with a temporary solution in case you cannot wait for the granular permissions to be officially introduced? |
Beta Was this translation helpful? Give feedback.
-
To sum up the discussion. There will be proper feature for scopes and permission in custom app is planed. Rough ETA Q4/2022 perhaps Q1/2022. Official announcement, see CT partner newsletter. For the @mmaltsev-ct showed us a workaround to bridge the time until feature is released. Thank you! |
Beta Was this translation helpful? Give feedback.
To sum up the discussion. There will be proper feature for scopes and permission in custom app is planed. Rough ETA Q4/2022 perhaps Q1/2022. Official announcement, see CT partner newsletter.
For the @mmaltsev-ct showed us a workaround to bridge the time until feature is released.
Thank you!