how can we add resource and its sub-resources?

[riyazatsdgt]

I want to implement resource hierarchy. anyone can help?

[john-osullivan]

Based on my understanding of this library, resources is essentially a flat list. Maybe try recasting the problem such that you can build it into a role hierarchy? Suppose you have parentResources and childResources, and a user gets the parentResource-1/READ role which gives them permission to read that given parentResource. You could make that role the child of the childResource-1/READ role such that they'd also get read permission on the given childResource.

Combining a resource hierarchy with the role hierarchy seems like it would lead to confusing questions about what permissions you're actually granting when you give a role permissions on a resource.

[wparad]

Surprised that this question is still open, the truth is it isn't very difficult and there are already a number of available solutions which do this, it just isn't supported in this library.

The lack of funcitonality here is exactly why solutions like PolicyServer and Authress exist which do handle wildcard middleware and dynamic resource hierarchies.

Usually these don't cause problems, but instead resolve the issues with authorization and policy access.