Questions tagged [permissions]
The permissions tag has no summary.
99 questions
3 votes
1 answer
699 views
RBAC vs PBAC vs ACL
I’m trying to clarify the difference between Role-based Access Control, Policy-based Access Control, and Access Control List when designing an authorization system. I have two scenarios: Scenario A I ...
- 43
1 vote
1 answer
148 views
Single-source data warehouse permissions management
We (Data Platform team) are reviewing how we configure and apply permissions against our data warehouse objects, and I'm curious what tools or custom systems you might be using for this. For context ...
- 21
0 votes
3 answers
655 views
Where should my users permissions live?
I'm building an application that allows the creation of users. These users can have profiles which define their permissions, as well as be given specific permissions. Now I'm struggling on deciding ...
- 1,191
0 votes
0 answers
63 views
Cascading ACL to embedded objects
We have an object Root, which references many other objects. Which eventually is translated into FKs on the DB level. We came up with an ACL scheme where there's a separate permissions table with the ...
1 vote
3 answers
533 views
Is in my case role based access better than permissions?
Hello StackExchange community, I'm in a bit of an impasse for my current project. The software in question is a collaborative program designed to let employees work together on the platform and assign ...
- 21
6 votes
6 answers
557 views
Best practice to architect a system in which local users may override global definitions
Our travel industry client, operating across three continents and several countries, wants to standardize the process of choosing travel packages, air routes, hotels, and hundreds of other travel ...
- 77
0 votes
1 answer
946 views
RBAC - using database vs hard coded
I need to implement RBAC in a project I'm working on, and I'm fairly new to the concept. I am trying to figure out the best way to implement it. The most common approach seems to be to create roles ...
- 149
2 votes
4 answers
2k views
REST API include permissions into resource
We currently have REST API, where you have a set of different resources, like: GET /cats GET /cats/{catId} GET /dogs Clients decide whether they can perform an action based on resource permissions. ...
