07-20-2020, 08:23 PM
To start adding user permissions for RBAC, create a key in the cdbUsers table of your project to store the role of each user.
It's safe to write the RBAC logic in LiveCode. With this approach, you would check if the user's role (which can be retrieved with cdb_readUserAccount) and the table matches before making the call.
To create RBAC with LiveCloud, you could create a table to store individual permissions for each role. You would then query the user's role in that table to retrieve the values for each permission.
Example:
It's safe to write the RBAC logic in LiveCode. With this approach, you would check if the user's role (which can be retrieved with cdb_readUserAccount) and the table matches before making the call.
To create RBAC with LiveCloud, you could create a table to store individual permissions for each role. You would then query the user's role in that table to retrieve the values for each permission.
Example:
Code:
--Key added to cdbUsers table: "role"
--Table "permissions" created with the following keys:
--"role"
--"permission1"
--"permission2"
local tUserA, tOutputA
put cdb_readUserAccount("cora@fakeemail.com",,false) into tUserA
put tUserA[the keys of tUserA] into tUserA
put cdb_query("role","=",tUserA["role"],"permissions","cloud","recordData") into tOutputA
put tOutputA[the keys of tOutputA] into tOutputA
if tOutputA["permission1"] is true then
--allow action
else
answer "You do not have access to this table."
end if