I am trying to design a learning app with users, classroom, and articles.
My issue is how to represent the resources in keycloak to manage authorization.
I have two users:
- user1 belongs to classroom 1 and 2 and owns article1, article2, article3
- user 2 belongs to classroom 1
- article1 is owned by user1
- article2 is owned by user1
- article3 is owned by user1
How can I define resources so that user1 can share to everyone within classroom1? (eg: giving access to user2 indirectly).
Resources:
/classroom/1
/classroom/2
/articles/1
/articles/2
/articles/3
I am simplifying the issue but the pattern is similar to what I am trying to achieve.
Any help would be much appreciated.