Extend ACLs to control columns #33

@Eldelshell

Since we're already configuring ACLs on the resource level, we can also add the option for an admin to limit the columns a client has access to.

```
amforeas.alias3.acl.rules.users.allow=read
amforeas.alias3.acl.rules.users.columns=id, email, name, age
```

This would affect inserts and updates, so non-defined (i.e. password in users) columns need to be nullable or any of these operations would fail.

We could also force that if the allow has any of all, insert or update rules, the columns property cannot be set. It would also be possible to show a warning:

```
Resource ${table} is limited to columns ${columns}. It's recommended the allow rule only applies "read" permissions or ignored columns are nullable.
```
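A sketch of how the proposed `columns` rule could be enforced, added here as an example and not taken from the Amforeas code base. The class and method names are hypothetical. Case-insensitive column matching and rejecting (rather than silently dropping) writes to unlisted columns are assumptions.

```java
import java.util.*;

// Added illustration of the proposed column ACL; all names are hypothetical, not Amforeas code.
public class ColumnAcl {
    private final Set<String> allow = new LinkedHashSet<>();
    private final Set<String> columns = new LinkedHashSet<>(); // empty = no column restriction

    // Reads <prefix>.allow and <prefix>.columns, e.g. prefix "amforeas.alias3.acl.rules.users".
    public ColumnAcl(Properties p, String prefix) {
        split(p.getProperty(prefix + ".allow", ""), allow);
        split(p.getProperty(prefix + ".columns", ""), columns);
    }

    private static void split(String csv, Set<String> out) {
        for (String s : csv.split(",")) {
            if (!s.isBlank()) out.add(s.trim().toLowerCase(Locale.ROOT));
        }
    }

    // True when the configuration should trigger the warning proposed in the issue.
    public boolean needsWarning() {
        return !columns.isEmpty()
            && (allow.contains("all") || allow.contains("insert") || allow.contains("update"));
    }

    // Read path: drop every column that is not on the allow-list.
    public Map<String, Object> filterRow(Map<String, Object> row) {
        if (columns.isEmpty()) return row;
        Map<String, Object> out = new LinkedHashMap<>();
        row.forEach((k, v) -> { if (columns.contains(k.toLowerCase(Locale.ROOT))) out.put(k, v); });
        return out;
    }

    // Write path (assumption): fail closed when a client supplies a column it may not touch.
    public void checkWrite(Map<String, Object> values) {
        if (columns.isEmpty()) return;
        for (String k : values.keySet()) {
            if (!columns.contains(k.toLowerCase(Locale.ROOT)))
                throw new SecurityException("column not permitted: " + k);
        }
    }

    public static void main(String[] args) {
        Properties p = new Properties();
        p.setProperty("amforeas.alias3.acl.rules.users.allow", "read");
        p.setProperty("amforeas.alias3.acl.rules.users.columns", "id, email, name, age");
        ColumnAcl acl = new ColumnAcl(p, "amforeas.alias3.acl.rules.users");
        Map<String, Object> row = new LinkedHashMap<>(); // constructed sample row
        row.put("id", 1); row.put("email", "a@example.org"); row.put("password", "x");
        System.out.println(acl.filterRow(row) + " warn=" + acl.needsWarning());
    }
}
```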
