Allow an item to be accessed by allowed users only

I currently have a table for users, a table for groups, and a table of items
every user has many groups

and every item has many groups that can access the item, and a list of groups that can not access the item

the criteria is the user needs to be in the privileged groups and NOT in the unprivileged groups in order to access the item.

How can I achieve that?

In order to provide you a possible solution, it would be nice to know what you already tried. There are various authorization libs out there, have you had a look at them?

1 Like

No, but can you give me a library that can do that, also what I’ve done is a query to check for the list of allowed items for this user, and then select from the resulting list.

I would start by searching at Hex and see if there is a lib that supports it; if none supports your use case please let us know which libs you have examined.

Also there are quite a few blog posts that may help you.

1 Like

Thanks for the reference. I examined (bodyguard), (canary), (authorize) and I don’t find a way that I can list_items, the only thing I find is the ability to get a single entry after autherization,

my goal is to get every allowed item

I think I haven’t mentioned that in the original post but, yes your reply is helpful but I’m looking for that too