let’s say I have 2 roles:
articeAuthor
groupMember
and task:
mayPublishArticleInGroup
I want give access to mayPublishArticleInGroup only for members who have BOTH articleAuthor and groupMember roles. Is it possible to model it with use of RBAC.
In this situation I usally create a third role that is child of articeAuthor and groupMember
This third role will not work. checkAccess will allow action when user is articleAuthor OR groupMember.
What I want is to change OR to AND in this condition.