PDP Hierarchy Support

I would like to see PDP policies be able to support hierarchies such that given a table of users, a column of which is a user's path to the top level (ie <my employee ID>|<managers employee ID>|<manager's manager's employee ID>| etc. up to CEO/President), I would be able to write a rule like:

If this path column contains my employee ID, I should have access to this row.

This would allow users to see their own data and data for any employee who reports to them, be it a direct report or in their downline.

Tagged:
8
8 votes

Submitted · Last Updated