The documentation on GitHub mentions basically nothing about them. Isn’t a role technically a type of group?
groups are collections of user. There are actually 25 mentions of groups in the Readme.MD file.
Use groups if you want to save time.,
1 Like
After watching the Adrian Lanning: Authorization with Meteor-Roles – Devshop 5 Tech Talk and @muaddib 's suggestion, I have deduced the following:
- Roles are used to define actions, like
canEditUsersorcanBroadcastAnnouncements - Groups are used to define groups like
teachersormoderators
A practical examples would be to create Moderator and Administrator groups and then create canEditPosts and canBanUsers roles. Moderators could only edit posts, but Administrators could edit posts and ban users.
1 Like
@mishashapo98, sorry for the confusion. The “roles” in the meteor-roles package are basically just tags that you attach to a user and can check for later. The “groups” are ways for you to partition the tags into independent bins. A user could have a role called “manage-personnel” in group “try-n-save” while having another role “patron” in group “moes-tavern”.
So groups provide a way for a user to have independent sets of roles.
In our app, we have users that are members of different “networks” and may have different permissions in each. So we use the network id for the group when adding users to roles or checking membership. Using an example from the readme,
Roles.addUsersToRoles(joesUserId, ['manage-team','schedule-game'], 'manchester-united.com')
Roles.addUsersToRoles(joesUserId, ['player','goalie'], 'real-madrid.com')
…we have two groups, ‘manchester-united.com’ and ‘real-madrid.com’. In this case, Joe is a manager of Manchester United but a goalie for Real Madrid. (We’ll assume its fantasy football…)
If your app has no need to partition a user’s roles into different, independent sets, then you can skip using groups entirely.
EDIT: I updated the readme so hopefully it will be clearer as to what groups are and how to use them.
5 Likes
Oh wow, thank you for the awesome explanation, @alanning . I can see how useful groups are now. Thanks again. =)
The idea is great, but the naming convention is a bit confusing. Maybe a Role subgroup. Other than that, i really like the functionality and I really appreciate good documentation.