Using Eartho for roles management

Many collaborative apps allow users to read and write different pieces of data based on a set of permissions. In a document editing app, for example, users may want to allow a few users to read and write their documents while blocking unwanted access.

Role-Based Access Control

You can take advantage of the Eartho access points model to implement role-based access control in your app.

Suppose you are building a collaborative writing application in which users can create "stories" and "comments" with the following security requirements:

  • Each story has one owner and can be shared with "writers", "commenters", and "readers".

  • Readers can only see stories and comments. They cannot edit anything.

  • Commenters have access to readers, and they can also add comments to a story.

  • Writers have access to commenters, and they can also edit story content.

  • Owners can edit any part of a story as well as control the access of other users.

Last updated