Using Eartho for roles management

Many collaborative apps allow users to read and write different pieces of data based on a set of permissions. In a document editing app, for example, users may want to allow a few users to read and write their documents while blocking unwanted access.

Role-Based Access Control

You can take advantage of the Eartho access points model to implement role-based access control in your app.

Suppose you are building a collaborative writing application in which users can create "stories" and "comments" with the following security requirements:

• Each story has one owner and can be shared with "writers", "commenters", and "readers".

• Readers can only see stories and comments. They cannot edit anything.

• Commenters have access to readers, and they can also add comments to a story.

• Writers have access to commenters, and they can also edit story content.

• Owners can edit any part of a story as well as control the access of other users.