Introduction

Before knowing exactly how to code things to make them work, a conceptual introduction is necessary before using any type of addon. That being said, understanding at a broad level how Access Control works is important before considering how to specifically code it's functions.

What is Access Control?

Access Control is the serverside implementation for allowing users to have limited access to various pieces of data based on permissions set up in the app. It allows you to have some control over who can see what data. The primary difference from Auth Core, through Group Control and Access Control is that Auth Core (through GC) restricts functionality within the app (limiting certain pages or certain actions based on the role you have in that app, set up in Group Control), whereas Access Control limits data, and is more dynamic (Access Control is set up per user per item rather than per user per app).

How does it work, conceptually?

Conceptually, Access Control works seemlessly with ember-fw-acl. The user uses the modal from ember-fw-acl to choose the various access "rules" for that item. Then these rules are saved to an access table on the database, and this access table is accessed to ensure the user has access before loading anything on the serverside (based on the level of access he has on the access table). There is an ability to become very granular with the rules or very general, based on how many special types you wish to add, but on the whole that is how it works.

Parts of this documentation

Access Control is probably one of our most complicated addons, but it is also an addon which the end user has to do the most to ensure that it is working, so that being said, we have divided the documentation into the various aspects of things you will have to do. This structure is generally chronological (you will need to do the config and the database migration, before you can use the access control engine, etc). Here are the parts of our documentation:

  • Definitions just gives a few short and simple definitions for the different aspects of Access Control, which are assumed to be known throughout the rest of the documentation.
  • Config The config for Access Control, is without a doubt the most complicated of any of our addons, and it must continue to be augmented as you add new features to Access Control, which is why it is not covered in the setup steps.
  • Database migration This is the instructions for how to setup the database migration in order to make (or change) the access table for your app.
  • Using the Access Control Engine This document just takes you through and tells you how to implement and use Access Control after it has been set up in the config and the migration has been run.
  • Miscellaneous This page is just a catch all for other minor things which don't fit in the above categories, but probably should still be documented about Access Control.