有没有兴趣支持Graphql跟ABAC权限模型

[Jamel-jun]

有一些时候 角色并不是很好的选择。
如：我想针对每个前端按钮进行权限控制。
针对某一个用户做权限控制，而不影响到其他相同的权限。

同时第二个想法：
是否可以侵入到响应模型字段，比如admin角色下展示用户的明文密码，审计员则不展示用户的密码，用户自己展示自己的加密密码。

[Issues-translate-bot]

Bot detected the issue body's language is not English, translate it automatically. 👯👭🏻🧑‍🤝‍🧑👫🧑🏿‍🤝‍🧑🏻👩🏾‍🤝‍👨🏿👬🏿

---

There are times when characters aren't good choices.
For example: I want to control permissions for each front-end button.
Do permission control for a certain user without affecting other same permissions.

Meanwhile second thought:
Whether it is possible to intrude into the response model field, for example, the user's plaintext password is displayed under the admin role, but the auditor does not display the user's password, and the user displays his own encrypted password.

[Jamel-jun]

There are times when characters aren't good choices.
For example: I want to control permissions for each front-end button.
Do permission control for a certain user without affecting other same permissions.

Meanwhile second thoughts:
Whether it is possible to intrude into the response model field, for example, the user's plaintext password is displayed under the admin role, but the auditor does not display the user's password, and the user displays his own encrypted password.

[tomsun28]

hi 我们这个设计的就是面向角色的API权限控制，目前没有规划支持ABAC

是否可以侵入到响应模型字段，比如admin角色下展示用户的明文密码，审计员则不展示用户的密码，用户自己展示自己的加密密码。

我觉得这个应该是业务去自己实现比较好，框架不能通用实现它

[Issues-translate-bot]

Bot detected the issue body's language is not English, translate it automatically. 👯👭🏻🧑‍🤝‍🧑👫🧑🏿‍🤝‍🧑🏻👩🏾‍🤝‍👨🏿👬🏿

---

hi Our design is role-oriented API permission control, currently there is no plan to support ABAC

Whether it is possible to intrude into the response model field, for example, the user's plaintext password is displayed under the admin role, but the auditor does not display the user's password, and the user displays his own encrypted password.

I think it is better for the business to implement it by itself, and the framework cannot implement it universally.