skinny-azureS
Refineβ€’3y agoβ€’
45 replies
skinny-azure

Access parent or parentName or dataProviderName inside of the accessControlProvider Property

We are currently working on the integration of ACLs into our project, but we're stumbling across the passed in params object. First of all for clarification some code:
accessControlProvider={{
  can: async ({ action, params, resource }) => {
    const enforcer = await newEnforcer(
      newModel(authStore.model),
      new StringAdapter(authStore.policies),
    );
    if (resource === 'dashboard') {
      return Promise.resolve({ can: true });
    }

    const parent = params?.resource?.meta?.parent;

    return {
      can: await enforcer.enforce(parent, resource, action),
    };
  },
}}


The code does what it should, but only on the Landingpage, where the params.resource will always hold the actual resource it is asking for.

As soon as we move to the List-Page, the checks are run again, but this time for every resource item (i.e. specific post) inside of the list. This time the params.resource is {id: 1} where it holds the resource items ID. This means we can no longer access the params?.resource?.meta?.parent. I thought about using useResource, but that seems a bit like a hacky workaround to me.

Any idea on how to solve this? πŸ˜…
Was this page helpful?