You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently roles are exported with their ID's and used in permissions to reference which role has a specific permission. This does make reading the permissions config a bit hard as role ids are UUID and don't make much sense unless you map them to the role in the roles.yaml file.
So far I see one solution with two ways to implement, but both do have down sides.
Solution: Use the role's name instead of the id
Implementation 1 Use the role's name as reference in the permissions, but map it to the roles.yaml file where the original role ID can be found.
Renaming a role would require a search and replace across all permissions (carefully)
Implementation 2: Don't store any role ids, just use the role's name as reference, both in permissions and roles.yaml
Renaming a role would involve a full export of all permissions again. This can be done via a hook.
Any renaming would require keeping track of previous names in order to sync back into other environments, this could be tricky and opens a can of exceptions that could make the update fail.
Both implementations could be triggered automatically, but no. 1 seems the safer option. It would give us the original IDs to be able to update the roles when needed, as well as provide the benefit of understanding the permissions better by using names as references.
Any suggestions.
The text was updated successfully, but these errors were encountered:
Currently roles are exported with their ID's and used in permissions to reference which role has a specific permission. This does make reading the permissions config a bit hard as role ids are UUID and don't make much sense unless you map them to the role in the
roles.yamlfile.So far I see one solution with two ways to implement, but both do have down sides.
Solution: Use the role's name instead of the id
Implementation 1 Use the role's name as reference in the permissions, but map it to the
roles.yamlfile where the original role ID can be found.Implementation 2: Don't store any role ids, just use the role's name as reference, both in permissions and
roles.yamlBoth implementations could be triggered automatically, but no. 1 seems the safer option. It would give us the original IDs to be able to update the roles when needed, as well as provide the benefit of understanding the permissions better by using names as references.
Any suggestions.
The text was updated successfully, but these errors were encountered: