roles

let’s say I have 2 roles:

articeAuthor

groupMember

and task:

mayPublishArticleInGroup

I want give access to mayPublishArticleInGroup only for members who have BOTH articleAuthor and groupMember roles. Is it possible to model it with use of RBAC.

In this situation I usally create a third role that is child of articeAuthor and groupMember

This third role will not work. checkAccess will allow action when user is articleAuthor OR groupMember.

What I want is to change OR to AND in this condition.