Permissions in todo categories


#1

I’m making a todo app where it is possible to have sub categories. But what is the best way to make permissions.

User1 makes a category Company name and a sub category Customer1 and a sub category to customer1 New webpage

Howto share Company name and all its sub categories with other users, only categories and task with public checked is visible

Do I make collections with permissions for categories and task or is there a better way?


#2

You could add two array fields to the category. In one you store the ids of users that have read access, in the other you store ids of users that have write access.

You could make a recursive function like this, which would work with infinitely nestable categories.
It returns true if the user has access rights to the category, or access rights to any of its parents.

checkPermission(categoryId, userId){
	let category = Categories.findOne(categoryId)
	if (_.contains(category.write, userId)){
		return true
	} else if (category.parentId){
		return checkPermission(parentId, userId)
	} else {
		return false
	}
}

#3

Howto use it with this code? it is where I find the categories

 'parentcat': function(){
      var thisurl_catId1 = Router.current().params._id;
      return Categories.find({_id: thisurl_catId1, userid: Meteor.userId()});

}