give permissions based on a subscription a user has
keep track of usage to apply limitations (ex: max number of documents owned in a collection)
What it implies:
Plans are roles named biota.plan.<id>
Relation between a user (or any document) and plan is called a subscription
Relation is determined by a _membership.plan field on a document
Basic example
Plan definition:
// API is very similar to db.role() if not the same
db.plan('basic').insert()
// update permissions
db.plan("basic").privileges.set({
resource: Collection('todos'),
rights: {
insert: ['owner']
}
})
// expire in an hour
db.plan('basic').expireIn(3600)
// list plans
db.plans.findAll()
Motivation
Properly manage the user's permissions through a common model of plans/subscriptions.
Summary
Integrate logic in order to:
What it implies:
biota.plan.<id>_membership.planfield on a documentBasic example
Plan definition:
Motivation
Properly manage the user's permissions through a common model of plans/subscriptions.