Reputation: 665
What is the best way to implement permission levels in the MEAN stack?
I've been following the examples in the book "MEAN Machine", and I've implemented a simple token-based authentication system that makes the contents of a certain model only available to authenticated users.
I'd like to take this to a more complex level: I need three different user types.
I am building an app where some users (let's say, vendors) can upload certain data that could only be accessible to certain authenticated users (let's say, consumers), but vendors also need to be able to see, but not edit data uploaded by other vendors. Then, there would be a third type of user, the admin, who would be able to edit and see everything, including the details of other, lower level users.
How should I proceed in constructing this?
Thanks in advance for your help.
Upvotes: 1
Views: 142
Answers (1)
Reputation: 8295
As you mentioned that the authentication system is already working and now you need to implement Access List Control. The ACL end implementation depends a lot on your database model and requirements. There are also Node modules which have the support for more advanced models like this acl module https://www.npmjs.com/package/acl, supports also MongoDB.
Upvotes: 1
Related Questions
- Session handling in mean stack
- How should I approach my back end design using the MEAN stack?
- Server side role access routing for angular JS in MEAN
- Where in the MEAN stack should validation rules be created?
- profile management in MEAN stack
- mean stack authentication - best practice
- How to manage permissions on RESTful APIs
- mean.io what's the best way to set up an admin user + admin module
- User Registration and Authentication/Authorization with MEAN Stack
- How to implement node_acl in mean stack with node.js