Meteor-Community-Packages / meteor-roles

Authorization package for Meteor, compatible with built-in accounts packages
http://meteor-community-packages.github.io/meteor-roles/
MIT License

"Dynamic" Groups #93

Closed mxab closed 9 years ago

mxab commented 9 years ago

Hi, in our multi-tenant application we have a lot of dynamic groups, for example teams that get created by the users, so we started to add users to groups like this:

    Roles.addUsersToRoles(theUserId, ["team-member"], 'team:' + teamId);

which works ok so far, but from how I understand it the groups are "keys" in mongo, so in my user I have:

    roles : {
      __global_role__: ...
      team:abc123 : ...
      team:3383adahda : ...
      ...
    }

which makes the groups impossible to index, so if I have thousands of teams and I want to check which users have the 'team-member' role in the group "team:"+team._id I would need to perform a full collection scan. Is there any way I could improve that?

alanning commented 9 years ago

Hi Max,

Yes, you are right. Currently you cannot index directly on the group. I plan to change the design for roles 2.0 but no estimate on when that will be started. You can see some more thoughts on the underlying structure here: https://github.com/alanning/meteor-roles/issues/86

For now, the way I handle this in production is I use another field which is just an array of 'groups' that the user has access to. That field is indexed so we query on that and then filter by permissions as needed.

Strangely enough, we have run across some benefits of having a separate field for top-level access. One example is that it lets management users assign roles independently of whether the target user is ready to have full access to the group. Another is that roles persist across top-level access removal/re-addition. Could be handled in other ways but nice to just have it work.
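The workaround described in the reply above, modelled in memory as an added example (not code from meteor-roles or from either commenter): an indexed `groups` array narrows the candidates, then the per-group `roles` object is filtered. The `groups` field name, the helper names and the sample users are assumptions made for illustration.

```javascript
// Added example: in-memory model of the workaround, not meteor-roles code.
// The `groups` field name, the helper names and the users are assumptions.
const users = [ // constructed sample documents
  { _id: 'u1', groups: ['team:abc123'], roles: { 'team:abc123': ['team-member'] } },
  { _id: 'u2', groups: ['team:abc123'], roles: { 'team:abc123': ['viewer'] } },
  // Role assigned ahead of time, top-level access not granted yet.
  { _id: 'u3', groups: [], roles: { 'team:abc123': ['team-member'] } },
  { _id: 'u4', groups: ['team:zzz999'], roles: { 'team:zzz999': ['team-member'] } },
];

// Stand-in for a multikey index on the `groups` array (MongoDB: { groups: 1 }).
function buildGroupIndex(docs) {
  const index = new Map();
  for (const doc of docs) {
    for (const g of doc.groups) {
      if (!index.has(g)) index.set(g, []);
      index.get(g).push(doc);
    }
  }
  return index;
}

// Own-property lookup so a group named "constructor" cannot hit Object.prototype.
function rolesFor(user, group) {
  const has = Object.prototype.hasOwnProperty.call(user.roles, group);
  return has ? user.roles[group] : [];
}

// Index lookup on the group first, then filter by role within that group.
function usersInRole(index, role, group) {
  const candidates = index.get(group) || [];
  const ids = candidates.filter((u) => rolesFor(u, group).includes(role)).map((u) => u._id);
  return { ids, examined: candidates.length };
}

// Authorization needs both fields to agree: access to the group and the role.
function isAuthorized(user, role, group) {
  return user.groups.includes(group) && rolesFor(user, group).includes(role);
}

const groupIndex = buildGroupIndex(users);
console.log(usersInRole(groupIndex, 'team-member', 'team:abc123'));
```

Only the two documents listed under `team:abc123` are examined instead of the whole collection, and `u3` keeps its role but is not authorized until the group is added to its `groups` array.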

mxab commented 9 years ago

Ok thanks :+1: