Andrea PavlovicPermissons
To explain basic permissioning, we will use a helpdesk example. This is the basic table structure of our example:
There are three groups of users:
- employees
- customers
- accounting
The setup designed to make sure customers only see their own tickets, empoyees to have private comments and the accountants to have a set of departments (which are a tree) they are able to do actions for.
Tickets
Apart from read, write and delete actions, there is an additional "pay" action which will change the state of a ticket. Here is a quick overview of who can do which action:
read write delete pay
------------------------------------------
employee all all all -
customer own own own -
accounting all - - -
------------------------------------------