I’m adding a Ghost instance behind an already existing authentication service. Each user logging in to that service has a distinct set of permissions. I’m planning to associate those permissions with tags on Ghost posts. I want to only show a given post to visitors if they have the permission that goes with the tags attached to that post. Visitors should have no knowledge that a post even exists if they don’t have permission for its tags.
I’ve made edits to the Ghost core code to pull down the permissions for the specific user, so I’m halfway there. My question is where is the best place in the Ghost core code to modify the set of posts that a visitor would know about?
- What’s your URL? Not online yet
- What version of Ghost are you using? 3.41.5
- How was Ghost installed and configured? Using How to install Ghost locally on Mac, PC or Linux
- What Node version, database, OS & browser are you using? Node 14.15.4
- What errors or information do you see in the console? N/A
- What steps could someone else take to reproduce the issue you’re having? N/A