Im working on a personal project using the MERN stack (with MySql instead of Mongoose). For the backend I am attempting to setup the user permissions to have the level of access below but keep getting caught up on how to actually implement the permissions checks. I've looked at using CASL or Casbin or just creating something from scratch but I cant quite get my head around how to set this up.
const testData = {
users: [
{ id: 1, username: "Curly" },
{ id: 2, username: "Moe" },
{ id: 3, username: "Larry" },
],
leagues: [
{ id: 1, leaguename: "League 1" }
],
series: [
{ id: 1, seriesname: "Championship Series", leagueId: 1 },
{ id: 2, seriesname: "Fun Series", leagueId: 1 },
],
seasons: [
{ id: 1, seasonnumber: 1, seriesId: 1 },
{ id: 2, seasonnumber: 1, seriesId: 2 },
],
leagueorganizers: [
{ leagueId: 1, userId: 1 }
],
seriesorganizers: [
{ seriesId: 1, userId: 2 },
{ seriesId: 2, userId: 2 },
],
seasonorganizers: [
{ seasonId: 2, userId: 3 }
],
};
The following statements should be true:
- Curly has Full access to:
- League 1 (any future series)
- League 1 - Championship series (any future seasons)
- League 1 - Championship series - Season 1
- League 1 - Fun series (any future seasons)
- League 1 - Fun series - Season 1
- Moe has Full access to:
- League 1 - Championship Series (any future seasons)
- League 1 - Championship Series - Season 1
- League 1 - Fun Series (any future seasons)
- League 1 - Fun Series - Season 1
- Larry has Full access to:
- League 1 - Fun Series - Season 1
