Currently drafter has the concept of roles, which actually include cumulative permissions. We currently assign the roles as permissions/scopes on the OAuth tokens.
We should break down the actual permissions into individual actions that can be performed and assign them to roles.
The roles may still include a cumulative set of permissions so we end up with the same result if users are in the roles.
To make this easier to manage / assign to users, we should look into how to manage roles or groups of users in Auth0.
We should consider how this affects pmd3 drafter too (which doesn't use Auth0).
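
A sketch of the split proposed above, added here as an illustration and not drafter's own code: roles stay cumulative but resolve to individual actions, and a token scope may be either a role name or a single action. The role names, action names and hierarchy are hypothetical.

```python
# Added example: role and action names are hypothetical, not drafter's own.

# Actions each role grants on its own (before inheritance).
ROLE_GRANTS = {
    "viewer": {"draft:read"},
    "editor": {"draft:create", "draft:update"},
    "admin": {"draft:delete", "user:manage"},
}
# Cumulative roles: each role also includes everything its parent grants.
ROLE_PARENT = {"editor": "viewer", "admin": "editor"}

ALL_ACTIONS = frozenset().union(*ROLE_GRANTS.values())


def expand_role(role):
    """Return the full (cumulative) action set for a role."""
    actions, seen = set(), set()
    while role is not None:
        if role in seen:
            raise ValueError(f"cycle in role hierarchy at {role!r}")
        if role not in ROLE_GRANTS:
            raise KeyError(f"unknown role {role!r}")
        seen.add(role)
        actions |= ROLE_GRANTS[role]
        role = ROLE_PARENT.get(role)
    return frozenset(actions)


def effective_actions(scopes):
    """Resolve token scopes to actions.

    A scope may be a role name (tokens issued before the split) or an
    individual action. Anything unrecognised grants nothing.
    """
    actions = set()
    for scope in scopes:
        if scope in ROLE_GRANTS:
            actions |= expand_role(scope)
        elif scope in ALL_ACTIONS:
            actions.add(scope)
    return frozenset(actions)


def is_allowed(scopes, action):
    """Deny by default: the action must be known and granted."""
    return action in ALL_ACTIONS and action in effective_actions(scopes)
```

Because existing role scopes expand to the same action sets, users in a role end up with the same result, while new tokens can carry only the actions they need.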