https://cerbos.dev logo
#help
Title
# help
l

Logan

06/19/2023, 8:27 PM
Helloooo - we're in the process of evaluating Cerbos as a authorization provider, and I'm looking for a concrete example for how we'd support something like "list all orders the user has access to"? AFAIK, we'd be looking at using the
Query Planner API
, but I'm curious if there are any examples on how it's used? A bit more about our setup below: •
node
+
graphql
+
mongodb w/ mongoose
backend • We have
businesses
with
users
and
orders
attached to them ◦
business
<->
user
is an
n:m
relation ◦
business
<->
order
is a
1:n
relation • Users are assigned roles on a business by business basis ◦
viewer
-> can
read
all business orders ◦
owner
-> can
read
and
update
all business orders ◦
contractor
-> can
read
some business orders (contractors are granted read permissions to a specific set of orders on a case by case basis) Authorizing standard CRUD operations on a single
order
resource has been straightforward, but I'm not exactly sure how we should go about fetching and paginating a list of orders the a
user
can
view
for a given
business
Any insight would be helpful!
s

Stephen Raymond Jr

06/19/2023, 8:32 PM
there's a couple repos with examples in the cerbos github org https://github.com/cerbos?q=query&amp;type=all&amp;language=&amp;sort=
l

Logan

06/19/2023, 8:41 PM
Gotcha - the
demo-app-expenses
[github] seems to have an example of a
list
operation. Thanks!
d

Dennis (Cerbos)

06/19/2023, 9:16 PM
l

Logan

06/19/2023, 9:30 PM
Rad - we unfortunately don't use Prisma, but helpful none-the-less, thanks!
e

Emre (Cerbos)

06/20/2023, 7:34 AM
Hi Logan, What database do you use? What library or ORM do you use to connect to it?
d

Dennis (Cerbos)

06/20/2023, 8:32 AM
It’s
mongodb w/ mongoose
a

Alex Olivier (Cerbos)

06/27/2023, 9:21 PM
Hey @Logan we have an alpha version of a mongoose adapter published as
@cerbos/orm-mongoose
with the PR up here https://github.com/cerbos/query-plan-adapters/pull/16 if you would be willing to try it out
3 Views