Hello !
In some cases, we are confronted to situations where there is a conflict between two or more rules.
Let’s considers theses entities :
- user : an generic user
- roleA : allow of a permission (like Update records of module X )
- roleB : deny of a permission (like Update records of module X )
Here is some situations with a potential conflict:
- user is member of roleA and roleB
- user is member of roleA and roleB
- user is member of roleA and roleB is a contextual role (with expression = true)
- user is member of roleA (or roleB) but the permission is opposite than the one in Authentificated role.
I tried to dig into the documentation, but I didn’t find any notion about this. All I found is that Corteza uses a flat design and does not use hierarchy roles.
Can someone tell what would be the result of these situations ? This will definitely help a lot of us.
Thank you !