I have restaurants saved in single table in database and I want to manage visibility of every single place by allowing certain group of people to view it.
For now I have only two groups of users:
- testUser - can see all restaurants in table ( the purpose of that excercise is to provide a way to verify, how the restaurant object is entered in frontendApp running in production env)
- authenticatedUser - can see all restaurants except test ones
In future we wanted to encorporate managing role ACL for selected asset for more roles.
My basic idea was to assign the most restric acl for database table, and than modify selected item’s role acl.
I have also implemented some servercode services in Java so I am able to filter out some restaurant objects based on some property for example, however the downside of that solution is that it will be harder to exclude related objects to selected restaurant in query results. (As I have tested that with my solution ACL feature for users excludes both asset and related objects from query results).