Hello,
We are using Micro frontend for certain feature development, now there is a requirement to restrict the access of Micro frontend based on user role.
Is there any way we can restrict as we do for applications?
I am not looking to achieve this through code.
Thanks,
Divya K
Can you provide a bit more details or e.g. an example of what you want to achieve?
In general you could just create multiple applications with different sets of plugins installed and then restrict the access to those applications based on user roles.
As a plugin developer there are options to only provide certain functionalities in case the user accessing the application has the required permissions.
Thanks for the response @Tristan_Bastian.
The use case would be, we have a custom application, that has 4 plugins installed into it. Each plugin deals with specific inventory managed objects(i.e., the type would be c8y_worker,c8y_schedule), now we want to restrict who can only read and read and write these managed objects.
If you really want to restrict who can read/write these managed objects, you want to have a microservice with custom permissions for every type of managed object and remove the global inventory read & write permissions from all users. All requests to retrieve and make changes to these objects should then go through the microservice.
Just checking for global roles assigned to the current user will not prevent the user from editing these managed objects via API.
Your UI plugins could then check if the current user has the permissions to access a specific managed object type and depending on that show/hide certain functionality.