How to use permissions?
A brief example of how permissions would work in a real-world application.
To demonstrate the use of permissions, let's image a web app for the community of Coffee Aficionados, where users can browse coffee beans and basic and premium recipes.
- Everybody can get a list of coffee beans, but only moderators can create and delete new ones (2 scenarios: by role and with Deskree Admin Token).
- Basic recipes can only be seen and managed by registered users.
- Private recipes can only be seen and managed by users who have a "premium_member" role.
- Only moderators can delete recipes.
- The recipes are private. Therefore, nobody can get a list of them, only by uid.
- Comments can be seen and managed by registered users.
For this app, let's have the following database tables:
- Users (default)