{ "description": "basic permissions check", "depends": [ "author_article_category.json" ], "items": [ { "name": "declare select permissions on category", "status_code": 200, "url": "/api/1/query", "role": "admin", "user_id": "1", "method": "POST", "request": { "kind": "create_select_permission", "body": { "role": "user", "table": "category", "perm": { "columns": [ "id", "name", "description" ], "filter": {} } } } }, { "name": "declare select permissions on author", "status_code": 200, "url": "/api/1/query", "role": "admin", "user_id": "1", "method": "POST", "request": { "kind": "create_select_permission", "body": { "role": "user", "table": "author", "perm": { "columns": [ "id", "name", "auth_id" ], "filter": { "auth_id": "REQ_USER_ID" } } } } }, { "name": "declare update permissions on author", "status_code": 200, "url": "/api/1/query", "role": "admin", "user_id": "1", "method": "POST", "request": { "kind": "create_update_permission", "body": { "role": "user", "table": "author", "perm": { "columns": [ "name" ], "filter": { "auth_id": "REQ_USER_ID" } } } } }, { "name": "declare insert permissions on article", "status_code": 200, "url": "/api/1/query", "role": "admin", "user_id": "1", "method": "POST", "request": { "kind": "create_insert_permission", "body": { "role": "user", "table": "article", "perm": { "check": { "author": { "auth_id": "REQ_USER_ID" } } } } } }, { "name": "declare select permissions on article", "status_code": 200, "url": "/api/1/query", "role": "admin", "user_id": "1", "method": "POST", "request": { "kind": "create_select_permission", "body": { "role": "user", "table": "article", "perm": { "override": { "author": { "columns": [ "id", "name" ] } }, "columns": [ "id", "title", "content", "is_published", "rating", "author_id" ], "filter": { "$or": [ { "author": { "auth_id": "REQ_USER_ID" } }, { "is_published": true } ] } } } } }, { "name": "declare update permissions on article", "status_code": 200, "url": "/api/1/query", "role": "admin", "user_id": "1", "method": "POST", "request": { "kind": "create_update_permission", "body": { "role": "user", "table": "article", "perm": { "columns": [ "title", "content", "is_published", "rating" ], "filter": { "author": { "auth_id": "REQ_USER_ID" } } } } } }, { "name": "declare delete permissions on article", "status_code": 200, "url": "/api/1/query", "role": "admin", "user_id": "1", "method": "POST", "request": { "kind": "create_delete_permission", "body": { "role": "user", "table": "article", "perm": { "filter": { "author": { "auth_id": "REQ_USER_ID" } } } } } } ] }