Active organization membership | Permify | Page 1

brisk sage Aug 12, 2024, 11:41 AM

#

Hi @dawn quartz, does Contextual Permissions (https://docs.permify.co/operations/contextual-tuples) can solve your issue ?

#

You can send "active" attribute alongisde with the request.

#

Other than Contextual Permissions, you can directly create attribute in the organization entity

entity organization {

    relation member @user @organization#member
    attribute is_active boolean

    action view = member
}

then create the attribute data as: organization:1$is_active|boolean:true

dawn quartz Aug 12, 2024, 12:01 PM

#

@brisk sage I don't think this would work as it is the organization members who can be active or inactive, not the organisation. Also, we want to avoid contextual permissions as we don't want to have to fetch this data before every access request

brisk sage Aug 12, 2024, 1:08 PM

#

Understood I restructure the schema with relationships:

entity user {}

entity organization {

    relation active_user @user 
    relation member @user @organization#member

    action view = member and active_user
}

e.g user:1 can view in organization:1 if user:1 has these relationships

organization:1#active_user@user:1
organization:1#member@user:1

#

Could this help ? so currently an entity cannot call attributes from another entity. So if you go with attributes you should create an attribute such as "is_active_member" in org entity.

#Active organization membership