I have a scenario, where my user might want to invite another person to share some or all of his/her documents.
The second user would use the same documents, not create his/her own documents. All the new stuff created by this second user would actually end up being the first user’s stuff.
My first idea was to create a new property for the second user,
primaryUserId or something similar. Then, when subscribing for documents based on user’s
_id, I would always check if
primaryUserId is set and if so, use that as the _id instead.
The same when saving documents, if the user has
primaryUserId set, then set the document’s owner to that user id.
Then again, I’m afraid I might have to restrict the seconary user’s access to some of the documents, or to be more specific, some parts of the application (and therefore, the related documents).
To do that, I thought maybe making the owner id -property an array that can store multiple user id’s. This starts to feel like a hassle, there has to be a nicer way.
Then we have the
alanning:roles -package. I haven’t used it yet, but I think I could maybe define the primary users to their own global group and then let the primary user to assign roles for the secondary user to allow access to different sections of the app (and use the primaryUserId as the group value).
I guess basically I’m looking for some sort of lightweight ACL solution in Meteor.
###Any input on the best way in Meteor to achieve this?###