Inside the auth service is a list of capabilities which can be given to objects. Right now it's locked onto users, since there is a not-nullable column called user_id which is a foreign key to the user table.
If I want to do things like give parts of the system capabilities, then I will need to break this connection and let package groups themselves have capabilities as well as users.
This means I should move the user_id into the constraint field, so it becomes an optional element of each capability instead of a database field which requires a user id.
Now capabilities are based on entities and using lumens polymorphic relationships, I can give capabilities to any entity. Allowing the tickets functionality
Inside the auth service is a list of capabilities which can be given to objects. Right now it's locked onto users, since there is a not-nullable column called user_id which is a foreign key to the user table.
If I want to do things like give parts of the system capabilities, then I will need to break this connection and let package groups themselves have capabilities as well as users.
This means I should move the user_id into the constraint field, so it becomes an optional element of each capability instead of a database field which requires a user id.