[keycloak-user] Share resource by checking if some other user is in a certain group

Or Harary harary.or at gmail.com
Tue Feb 13 13:50:02 EST 2018


Hello,

After some time of using Keycloak, which works great for most of my demands,
I wanted to know if it's possible to create a permission with a policy that
will tell me if some user (not the one which is logged in) is within a
certain group.

For example:

User 1 has a digital wallet.
This digital wallet has a resource:
name: /wallet/{wallet-id}
uri: /{user-1-id}/wallet/{wallet-id}
scopes: charge/read/...

User 2 has a company, which is represented as a group.

User 2 wants to charge user 1's digital wallet, but I want him to only be able
to do so when user 1 is inside user 2's company's group.

How can I check this with a policy?
Or somehow share user 1's resource with user 2 by a policy?

Thanks!

