Hello
I have a question when using nestJS with gra...
# helpp
Petar Mrdalj
11/14/2022, 11:20 AMHello
I have a question when using nestJS with graphQL and cerbos
Currently I have implemented an interceptor which is called before the resolver mutation code is actually called which is the behaviour I am expecting.
While using grpc I need to provide a resource id which is not the case as to when using http:
Copy code
principal: {
id: userData.userId,
roles: userData.roles,
},
resource: {
kind: cerbosObject,
id: "1",
},
action: host.getHandler().name,a
Alex Olivier (Cerbos)
11/14/2022, 11:24 AM
In this case we recommend just putting in a static value of βnewβ so similar. Whatever value you use will appear in the audit logs also. For deleting in most cases you would have the ID of the the resource being deleted I assume?
p
Petar Mrdalj
11/14/2022, 11:33 AM@Alex Olivier (Cerbos) Thanks for the quick response! π Checking it out
π 1
a
Andrew Haines (Cerbos)
11/15/2022, 11:28 AM
Another way to get around not having an ID for new resources is that I often put the "create" action on a parent resource. Typically there's logic related to the parent to determine if you can create a child anyway.
For example, if your resources were
folderfilecreateFilefoldercreatefileπ 1
p
Petar Mrdalj
11/15/2022, 11:35 AMThanks @Andrew Haines (Cerbos) currently we have done something similar based on the previous answer.
We created a higher level policy which actually determines the access level and after that we are using specific resource access policies π
Currently still testing but looks good
Btw nice alpaca π
a
Andrew Haines (Cerbos)
11/15/2022, 11:37 AM
Awesome! Thanks π π¦
5 Views