User Authentication And Authorization for the User Capabilities


#1

As i have seen the documentation but was not able to get any relevant convert related to Autorization

let us consider very simple example of Forums i wanted to make 1 simple forums using Dream Factory in the forum i wanted to give the Feature of “Private Queries/post” now for this part only the person who is posting [ let us consider it as a Basic Level Role ] and the Tutor [ a higher level role than basic ] who is Assigned to that Query/post should only have rights to do modification over this part so the Basic Question Though the Roles are verified i still wanted to verify the Authorization for that particular Object

usually this can be easily done in the Framework using Auth And ACL component but i was actually not able to find out the proper Tutorial or relevant help over this part. will it be possible for to share some stuff over which i can get some help to check out more over this part.

Thanks in advance for the Help :slight_smile: and Cheers for nice Product Like this Thumbs UP for your Idea.


#2

You use the roles system to delegate data permissions. In your example, you can set up two different roles with different data permissions. In the “Roles” tab you add the roles and define service permissions (for example CRUD permissions on a particular table).

Each user is associated with one role. On logging in, the user gets a session token and the user’s role governs data permissions. To log a user in, you need to specify URL path to your DreamFactory instance, an API key (the app name you created in the “Apps” tab), and the person’s user name and password.

See the docs and screencast for more info on user authentication. Also check out this blog post for more information about user management.