For RBAC, is it possible to get a list of permissions for a given role?
The use case would be that an app will show/hide UI elements depending on permissions.
eg: Hide button if the permission list does not include user.create
@cvr Hi, please refer the doc here. My understanding your request is not possible with the below reasons:
"Unfortunately, RBAC still has drawbacks. Imagine a company with 100k employees and thousands of roles with specific permissions or a microservices architecture with thousands of services, each needing fine-grained access to features and functionality of other microservices. Thousands of services each of which has its own unique set of permissions for how and when they can interact with each other. Building for these scenarios with RBAC introduces a lot of complexity
- The number of roles will explode making management a nightmare.
- The scale makes it hard to validate and audit access. Nothing can stop me from accidentally assigning a user or service to the wrong group giving them wrong privileges.
- To handle this scale, roles become more generic and apply to many users or many services.
And it still doesn’t address user specific data."