This repository has been archived by the owner on Feb 24, 2024. It is now read-only.
Feat buffalo Plugin : Authorization & Access Control / library #1850
Comments
|
An idea of implementation : We could be using a library like this one : https://github.com/casbin/casbin
|
|
FYI, there's already a Casbin middleware for Buffalo: https://github.com/kgosse/buffalo-mw-rbac |
|
This would be best achieved through a 3rd party package or plugin. It is outside the scope of Buffalo core. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Description
Before running a buffalo project in production, most of the developers will have to implement an access control policy. "Who can access what resource and read, write, create it. "
This task is quite time consuming today with buffalo. One must create a "scoping" middle ware function for each resource. You will need to repeat yourself for every new buffalo project.
Developing such middle-ware is prone to error and mistakes ( as any development). Also making an error in security is a big deal; and is a big concern nowadays.
We could gain a lot in agility concerning the AC. Think adding a "marketing role" means scanning your scope function(s) and re compiling the binary.
An Access control with a plugin would be a great feature that would standardize, provide a kind of "security by design" and remove the pain of redoing the same code. Moreover this common task could have support & improvments from the community.
Steps to Reproduce the Problem
Create a new project today and you will need in 2 months to set a AC system.
Please give your ideas in comments.
The text was updated successfully, but these errors were encountered: