Ubiquitous Fine Grained Access Control With Node.js and RethinkDB
cess control is apart of virtually every application. Certain users should be able to see / do X, but never be able to do Y. Usually these kind of requirements are expressed in overly simple terms, such as:
Admin users should see that button but regular users should not.
--Every Product Manager. Ever
With traditional RDBM Systems, the direct approach is to set up a Many-To-Many relation ship between
Roles Where roles are basically like tags. Subsequently code paths are created to check if a user has a role named
admin . Which gets very ugly as these sorts of simple checks quickly have to cover increasingly complex logic for users with multiple roles and for roles that