Users Groups With 2 Members Able To "Share" The Same Record

rebcontracts · September 16, 2019, 11:06pm

I wanted to see if there is a straightforward way of doing this the “Cuba Platform” way without custom code… I could just dive in… But, I want to work with the platform as much as possible and avoid reinventing the wheel.

Here is a very high level User Story…

Let’s say I have a Cuba Platform app…

I have an Admin who is “all seeing and all knowing.” He or she can see everyone’s records and edit everyone’s records.

I also have many “work groups” with exactly two members. Only those within the “work group” can see the records of others in their “work group.” Members in one work group cannot see the records of another work group.

Let’s look at an example:

Red Group - Bill and Mike
Green Group - Betty and David

Visibility of records:

The Admin can view, edit and delete records belonging to everyone.

Bill can view, edit and delete records belonging to himself and Mike because they are both members of the Red Group.

Mike can view, edit and delete records belonging to himself and Bill because they are both members of the Red Group.

Mike and Bill (in Red Group) have no visibility to records belonging to Betty and David (in Green Group) .

Betty and David (in Green Group) have no visibility to records belonging to Mike and Bill (in Red Group).

I would greatly appreciate it if someone could tell me how to implement this as cleanly as possible.

I appreciate your help.

Thanks!

stefan.kraus · September 17, 2019, 4:30pm

Hi @rebcontracts,

welcome to CUBA platform!

In general it should be possible with CUBA to setup so called ‘Access Groups’ to fulfill your requirements.

Please take a closer look at the documentation, especially the part:
https://doc.cuba-platform.com/manual-7.1/groups.html

and maybe also the samples would be an addition input for you:
https://doc.cuba-platform.com/manual-7.1/local_admins_example.html

BR
Steven

mario · September 17, 2019, 6:25pm

Hi,

You can also look at a blog post i wrote a while ago: CUBA Security Subsystem Distilled – Road to CUBA and beyond...

There is a section called: “ » Walter is responsible for the Northeast of the US“ which basically is the described scenario.

Bye
Mario

rebcontracts · November 7, 2019, 3:54am

Mario & Steven,

I appreciate you taking time out to answer my question.

The main challenge is…

There will be tens of thousands of two-person groups “self-registering” for my web application. So, I am, ideally, looking for a way to code this so there is no interaction necessary.

Do you have any suggestions?

I appreciate your help.