You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi,
I run into a problem while trying to handle the following situation:
I want that all users can read their things:
can('read','Thing',{"owners.user_id": user.id})
But i want also to add a specific rule to permit to alice to read a Thing that she doesn't own (the thing with id 3), so I have an additional rule for alice that says:
Hi,
I run into a problem while trying to handle the following situation:
I want that all users can
read
their things:But i want also to add a specific rule to permit to
alice
to read a Thing that she doesn't own (the thing with id 3), so I have an additional rule for alice that says:This situation results in a SQL statement similar to:
That works as expected until the thing 3 has at least an owner, otherwise the thing 3 is filtered out by the
INNER JOIN
.Using
LEFT JOIN
should fix this issue and afaik it wouldn't introduce any other problem.What do you think about it? If you are ok with it I can work on a PR to replace INNER JOIN with LEFT JOIN. Thanks!
The text was updated successfully, but these errors were encountered: