Перейти к основному контенту

Права доступа к данным

We have two solutions for data permissions (filtering): using implicit assignment APIs or using the BatchEnforce() API.

1. Query Implicit Roles or Permissions

When a user inherits a role or permission via an RBAC hierarchy instead of being directly assigned them in a policy rule, we refer to this type of assignment as "implicit". To query such implicit relations, you need to use the following two APIs: GetImplicitRolesForUser() and GetImplicitPermissionsForUser(), instead of GetRolesForUser() and GetPermissionsForUser(). For more details, please refer to this GitHub issue.

2. Использовать BatchEnforce()

BatchEnforce() enforces each request and returns the results in a boolean array.


boolArray, err := e.BatchEnforce(requests)