2013-07-01 18:51:28 +00:00
/**
Schema ACL options
2013-06-26 23:25:51 +00:00
Object level permissions, for example, an album owned by a user

Factors to be authorized against:

* model name: Album
* model instance properties: userId of the album, friends, shared
* methods
* app and/or user ids/roles
** loggedIn
** roles
** userId
** appId
** none
** everyone
** relations: owner/friend/granted

Class level permissions, for example, Album
* model name: Album
* methods

URL/Route level permissions
* url pattern
* application id
* ip addresses
* http headers

Map to OAuth 2.0 scopes
*/
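One way the factors listed in the comment above could be evaluated, as an added example that is not the project's own code: the rule shape, the function names and the sample album are hypothetical. Class-level rules (role or login state on the model) and object-level rules (the caller's relation to the instance) are matched per method, the most specific matching principal wins, and the result is deny when nothing matches.

```javascript
'use strict';
// Hypothetical rule shape (an assumption, not from the original file):
//   { model, method, principal: { type, id }, permission: 'ALLOW' | 'DENY' }
const SPECIFICITY = { everyone: 0, loggedIn: 1, role: 2, appId: 3, relation: 4, userId: 5 };

// Object-level factor: the caller's relation to a model instance.
function relationsOf(ctx, instance) {
  if (!instance || ctx.userId == null) return [];
  const rels = [];
  if (instance.userId === ctx.userId) rels.push('owner');
  if ((instance.friends || []).includes(ctx.userId)) rels.push('friend');
  if ((instance.shared || []).includes(ctx.userId)) rels.push('granted');
  return rels;
}

function matches(principal, ctx, instance) {
  switch (principal.type) {
    case 'everyone': return true;
    case 'loggedIn': return ctx.userId != null;
    case 'role': return (ctx.roles || []).includes(principal.id);
    case 'userId': return ctx.userId != null && ctx.userId === principal.id;
    case 'appId': return ctx.appId != null && ctx.appId === principal.id;
    case 'relation': return relationsOf(ctx, instance).includes(principal.id);
    default: return false; // unrecognized principal types never match
  }
}

// True only if the most specific matching rule is ALLOW; DENY wins ties.
function authorize(rules, ctx, model, method, instance) {
  let best = null;
  for (const r of rules) {
    if (r.model !== model || (r.method !== '*' && r.method !== method)) continue;
    if (!matches(r.principal, ctx, instance)) continue;
    const rank = SPECIFICITY[r.principal.type];
    if (!best || rank > best.rank || (rank === best.rank && r.permission === 'DENY')) {
      best = { rank, permission: r.permission };
    }
  }
  return best !== null && best.permission === 'ALLOW'; // no matching rule: deny
}

// Constructed sample data.
const RULES = [
  { model: 'Album', method: '*', principal: { type: 'everyone' }, permission: 'DENY' },
  { model: 'Album', method: 'find', principal: { type: 'loggedIn' }, permission: 'ALLOW' },
  { model: 'Album', method: '*', principal: { type: 'relation', id: 'owner' }, permission: 'ALLOW' },
  { model: 'Album', method: 'findById', principal: { type: 'relation', id: 'friend' }, permission: 'ALLOW' },
];
const ALBUM = { id: 1, userId: 'alice', friends: ['bob'], shared: [] };
```

Passing no instance, as for a class-level call such as `find`, means relation rules cannot match, so only class-level principals decide the outcome.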