https://linen.dev logo
Join Slack
Powered by
# general
  • p
    Hello @Nathan Rydel! Welcome to the community! Let us know how we can help
  • p
    Hello @Imran Bohoran! Glad to have you here! Ask me anything!
  • m
    Hi Team, We have need to implement a simple RBAC + ReBAC access control model and I'd like to validate the approach and design. Our Use Case I have a system with organizations, and each organization contains projects and users. Every user in an organization is assigned the member role by default. Members are allowed to create projects. Each project has its own project-level roles: - project_admin - project_member When a user (who is an member) creates a project, they automatically become the project_admin for that specific project. A project_admin can: Add or remove project_members Add or remove project_admins Current Permission Model Resource Types - project Roles - member - project#project_admin - project#project_member Each role has specific allowed actions on the resource types. Example permission check:
    Copy code
    {
  "user": {
    "key": "user_id1"
  },
  "action": "create",
  "resource": {
    "type": "project",
    "tenant": "default",
    "key": "project_test10"
  },
  "context": {}
}
    Is this RBAC + ReBAC design and resource-instance model valid for Permit.io for this use case? Any other design options/candidates that you'd recommend? In the first iteration, we'd like to use the cloud PDP exclusively without a local PDP setup. Is there a another approach where this kind of permission model can be supported by exclusively using cloud PDP?
    a
    a
    +2
    • 5
    • 17
  • p
    Hi @Charlie Cetin! Good to see you here. I’m available for anything you might need 😊
  • p
    Hey @Anuradha Weeraman! Welcome! I’m available for anything you might need check
  • p
    Hello @Bartosz Wasilewski! Good to have you with us! Happy to answer questions! 👋
  • p
    Hey @Matan Benjio! Glad to have you here! Happy to answer questions! 😊
  • p
    Hey @Suman.p! Welcome to the community! Let us know how we can help 💜
    💜 1
  • b
    Hi team, I'm integrating Trino with Permit.io for Row Filtering and Column Masking. However, I'm facing a 'deny-all' behavior. Trino sends authorization checks for everything (loading catalogs, system metadata, etc.), and the OPA logs show that every single request is returning 
    result: false
    . Could you please help me identify the root cause of this issue?
    a
    d
    • 3
    • 5
  • p
    Hello @Tal Cohen! Good to see you here. Let us know how we can help 🌸
  • p
    Hi @Mudasser Jalal! Good to have you with us! Let us know how we can help ✌️
  • s
    This message was deleted.
    p
    o
    • 3
    • 2
  • p
    Hey @Jared Peña Ochoa! Welcome! Let me know if there's anything I can help you with 😊
    🙌 1
  • p
    Hi @Vinicius Henrique! Welcome to the community! Ask me anything! 💜
    🙌 1
  • p
    Hello @Jakub Urban! Glad to have you here! Let me know if you have any questions ✌️
  • p
    Hi @Sara Wachulec! Welcome to the community! Feel free to ask us anything! 👋
  • p
    Hi @Linus Hakansson! Welcome! Let me know if there's anything I can help you with 😊
    👋 1
  • p
    Hey @Adam Kopp! Welcome to the community! Let me know if you have any questions
  • a
    Hello! Having trouble starting the PDP as a Google Cloud Run service. where should i go to ask questions?
    o
    • 2
    • 2
  • p
    Hello @Jorge Rodriguez! Good to see you here. Let us know how we can help 👋
  • p
    Hello @Nikhil Handyal! Welcome! I’m available for anything you might need 🌸
  • p
    Hi @Rodrigo Caamano! Welcome! Ask me anything!
  • p
    Hey @Siddharth Sharma! Welcome to the community! Let me know if you have any questions 🌸
  • s
    Hi - It seems SSO is not working. I am trying to use my official work email to log into the permit app but it is giving me an error saying SSO is not working. Please contact support. Any fix on this?
    a
    o
    • 3
    • 3
  • p
    Hi @Himanshi Gaur! Welcome! I’m available for anything you might need check
  • p
    Hi @Mia! Welcome to the community! Let me know if there's anything I can help you with
  • p
    Hello @Samuel Taylor! Welcome to the community! Feel free to ask us anything! 🌸
  • t
    My friend recently published an article that explores building multi-tier data APIs with dynamic authorization—no hardcoded limits required. The piece builds on the excellent foundation laid by Permit.io and Dan Yishai's work on database-level authorization with Trino. I wanted to take that concept further by showing how to implement flexible, policy-driven data access across different tiers. 🔗 Article: "Build a Multi-Tier Data API Without Hardcoding Limits Using Trino and Permit.io" https://medium.com/@isijolajerry/build-a-multi-tier-data-api-without-hardcoding-limits-using-trino-and-permit-io-cda2c0d16ce4 Key highlights: • Dynamic authorization at the database level • Scalable approach for tiered data access • Practical implementation patterns with Trino and Permit.io I'd love to hear your thoughts, especially if you've tackled similar challenges with data authorization and API design. #DataEngineering #Authorization #API #Trino #DatabaseSecurity
    🤘 2
    🚀 2
    partycat 5
    o
    • 2
    • 1
  • p
    Hi @ROMAN VAZQUEZ MACIAS! Welcome! Feel free to ask us anything! 💪
  • p
    Hi @Tamara! Good to see you here. Let me know if you need my help check
    👀 1