It would be nice to allow certain roles to not have access to certain endpoints or even more granular certain resource methods per endpoint.

Comments

marcingy’s picture

This sounds good as a concept.

ygerasimov’s picture

I think restrict per endpoint is worth implementing, but per resource method is a bit too much. I mean if it will be needed for someone he can alter resources and put his own access callback to set logic there.

Out of box we can generate permissions "access to endpoint X" so administrator can set access rights for different roles per endpoint.

kylebrowning’s picture

Category: feature » task
kylebrowning’s picture

Status: Active » Closed (won't fix)

4.x