Closed kirtic closed 4 years ago
Personally I believe that per-document permissions should be stored with the document itself. So this package is not suitable for that.
But people do do that, making group for every document.
You can use a string pattern for your groups such as "documentType:docId" to grant users permissions to each document.
For example, you could grant roles for documents of type issue
or of type product
as below:
Roles.addUsersToRoles(userId, ['view','edit'], 'issue:' + issueId)
Roles.addUsersToRoles(userId, ['view','edit'], 'product:' + productId)
I agree with @mitar that per-document permissions should be stored on the document. I wonder if cloning this package and changing it slightly to work on the Documents collection rather than the Users collection would suit your needs. Conceptually similar use cases, just different destinations.
So you'd have something like:
DocPermissions.addUsersToRoles(docId, ['view','edit'], userId)
I am using per-document permissions in my apps but it is a bit trickier than approach here. What you want there is often matching two things: a function which says yes or not for a current user, and a query which selects a document, if it has permission.
That would be really helpful. What would be the ETA for that feature?
On Thu, Sep 8, 2016 at 2:23 PM, Adrian Lanning notifications@github.com wrote:
I agree with @mitar https://github.com/mitar that per-document permissions should be stored on the document. I wonder if cloning this package and changing it slightly to work on the Documents collection rather than the Users collection would suit your needs. Conceptually similar use cases, just different destinations.
So you'd have something like:
DocPermissions.addUsersToRoles(docId, ['view','edit'], userId)
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/alanning/meteor-roles/issues/212#issuecomment-245745784, or mute the thread https://github.com/notifications/unsubscribe-auth/ABT_9I3s38iON2oKawJwTYc77wpZSQqlks5qoHzEgaJpZM4J29y_ .
We aren't planning to add per-document functionality to this package. I'd suggest searching atmosphere for other authorization packages. Some helpful keywords to search on may be:
access control list acl acl-based authorization per-document authorization
On Thu, Sep 8, 2016 at 7:49 PM, kirtic notifications@github.com wrote:
That would be really helpful. What would be the ETA for that feature?
On Thu, Sep 8, 2016 at 2:23 PM, Adrian Lanning notifications@github.com wrote:
I agree with @mitar https://github.com/mitar that per-document permissions should be stored on the document. I wonder if cloning this package and changing it slightly to work on the Documents collection rather than the Users collection would suit your needs. Conceptually similar use cases, just different destinations.
So you'd have something like:
DocPermissions.addUsersToRoles(docId, ['view','edit'], userId)
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/alanning/meteor-roles/issues/212# issuecomment-245745784, or mute the thread https://github.com/notifications/unsubscribe-auth/ABT_ 9I3s38iON2oKawJwTYc77wpZSQqlks5qoHzEgaJpZM4J29y_ .
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/alanning/meteor-roles/issues/212#issuecomment-245777583, or mute the thread https://github.com/notifications/unsubscribe-auth/AAtvDE96pwjmm9TedokcZoIyQGzzk8mpks5qoJ8agaJpZM4J29y_ .
Closing this. I think also v3.0 will make it slightly easier to make it per-document, but I still think that per-document permissions should go into documents themselves.
If we wanted to implement a google docs like role system where I can grant view, edit, ownership permissions for specific documents to specific users how should I use the roles package to make that work? Should I create a group per document and assign users to viewer, editor roles for that group?