摘要 |
A first request to change a permission of a first user for accessing a first resource is received via a service application programming interface (API) of an authorization server. In response to the first request, a first resource-based permission data structure associated with the first resource is accessed to identify an entry associated with the first user, wherein the first resource-based permission data structure has a plurality of entries corresponding to a plurality of users, respectively, each user being associated with one or more permissions for accessing the first resource. Further, one or more permissions in the identified entry associated with the first user are updated. |
主权项 |
1. A method comprising:
receiving, by a processing device via a service application programming interface (API) of an authorization server, a first request to change a permission of a first user for accessing a first resource; in response to the first request, determining, by the processing device and in view of a resource-based master data structure, a first resource-based permission data structure of a plurality of resource-based permission data structures, the first resource-based permission data structure associated with the first resource; accessing, by the processing device, the first resource-based permission data structure to identify an entry associated with the first user, the first resource-based permission data structure having a plurality of entries corresponding to a plurality of users, respectively, each user being associated with one or more permissions for accessing the first resource, the plurality of users comprising the first user; and responsive to determining that a requester of the first request is authorized to change permissions of the first user for accessing the first resource, updating, by the processing device, one or more permissions in the identified entry associated with the first user. |