Read/Write Inheritance. ACL question.

[Andy6966317]

acl question.
Initially global users can read but not write all groups (collection).
Admins can read and write groups.

After getting permission from admin for a user to "join" a group, what should I do in order for the admin and members to only be able to read/write a to do list for that group only?

If I feed the groupid into the todo acl, does that make all able to write to the group then able to write to the to-do list?

Is there inheritance of writing capabilities?

[Yurii Orishchuk]

Hi Andy,

Currently Appery.io does not support the functionality you've described above from the box.

But you can implement this logic in the following way:

1 Add to your users collection field "role".

2 Close all collections (which are needed to manage permisions with security settings).

3 Create server script which implements ACL logic and translate all requests to the REST API. This script will get current user role and implement ACL logic you need.

Regards.