Assigning user roles with an associated project id

Hello,

I’m trying to implement authorization based on a combination of user roles and projects. If a user has a specific role for a project, then it will be given certain permissions only within the project. I want to be able to add multiple user roles attached to multiple projects for one user.

For example:

projects

id and data would be pulled from personal database

  • project 1
  • project 2

roles

  • admin: doesn’t need project assigned, manages multiple projects
  • team lead: can access across an entire project
  • team member: can only access specific data within a project

One user can be a team lead for project 1, and a team member for project 2.


potential solutions

I’ve seen solutions involving groups, but because the nature of projects (want it to be easy to CRUD projects for admins), using groups seems too permanent.

I also considered a solution where I would store role and project combinations into a user’s app metadata:
userRoles: [
{
role: ‘team lead’,
project: ‘project 1’
},
{
role:‘team member’,
project: ‘project 2’
}
]

Though I am not sure if this is really a viable option. Does anyone have any other ideas as to how I can go about this?

Hi @izzopod,

Welcome to the Community!

For some of our extensions, we name the extension in the role.

Like this:

  • Extension A - Admin
  • Extension B - User
  • Extension C - Admin
    etc…

This is all using the RBAC Core feature set.