DEV Community

Discussion on: User Types and Roles in an Activity-based Permission Systems

Collapse
 
thefacto profile image
The Facto

Great write up! I'm doing a lot of research on this topic now and one thing I always get stuck on are, for lack of a better term, "dynamic" permissions. For example, let's say you have users and users can have friends. Well, you protect the users profile information under "owner" or something. However, once two users are friends, suddenly permission is granted.

I'm curious if you've any thoughts on that!

Again, thanks for the post, really enjoyed the depth (the user defined roles was cool).