I have a question reagrding strategy for access control of records from a MySQL database.
In my application several users can have acess to several different workspaces
Users: a, b, c, d
workspaces_table: ws1, ws2, ws3, ws4, ws5
ws_users_table: [a ws1], [a ws3], [b ws2], [c ws2], [d ws 3], [d ws4], [d ws5]
data_table: [ws1, data1, data2, data3], [ws2, data1, data2, data3], [ws3, data1, data2, data3] …
I know that roles can be used to control the security but I do not want to create a new role for each workspace as the workspaces can be allocated dynamically and be a large number over time.
Is there a good way to solve this in dreamfactory?
Any suggestions for a strategy would be appriciated.
I kind of want to add filter on the server side that only delivers records where the workspace id are present together with the current user id in the ws_user_table.
Grateful for any help or suggestions…
Best regards // Claes