Alberto Cunha
07/12/2023, 8:48 PMplanResources
before fetching request data with await next()
. This is to append a filter to the query if it's a 'find' action. I do this through a queryPlanToStrapi
function that maps Cerbos conditions and creates filters for Strapi.
2. After the data is retrieved, I verify access control on the remaining resource actions with Cerbos.
3. Since Strapi and Sift.js are similar I use a querySiftFilters
very similar to queryPlanToStrapi
to create filters that sift can use and I'm planing to iterate the response (ctx.body.data
) to filter the queried data after await next() and exclude items from the relation that weren't meant to be retrieved. (I'm still working on this and looking for better approaches).
Is there a better approach? Perhaps a library that can directly convert from Cerbos AST condition and filter a list of nested objects?
Any help or insight would be greatly appreciated.Alex Olivier (Cerbos)
Alberto Cunha
07/13/2023, 3:28 PMAlex Olivier (Cerbos)
Alberto Cunha
07/13/2023, 9:35 PM