Back
Permission management for dependent collection to main collection
What is the best approach to handle all the permission management in this scenario? Let’s say I have three different collections. Client collection, follow up collection and health collection.
Client collection: support document level permissions. When creating document i will add users who can access as permissions
Followups and Healths collection will have clientId as attributes.
Where the user can access any client in clients collection, they can only access Followup and Healths which contains the clientId that they can access in clients collection.
- Option1: making followup and health collection to support document level permission. it will be lot of permissions data and handle updates of clients will also have to require to update follow up and health collection
- Option2: only client support document level permission. When accesing follow up or health. Must check user first based on clients document permission which clients that user can access. Then listing all one by one based on equal conditions clientId=xxxx
Additional: more collection like followup and healths which are dependent on Client.
Please share your thoughts
TL;DR
Developers are seeking advice on handling permission management for collections that are dependent on a main collection. Two main options are discussed:
1. Option1: Implement document-level permissions for all collections, which could result in a lot of permissions data and necessitate updates when client data changes.
2. Option2: Only apply document-level permissions to the main client collection. When accessing follow-ups or health data, developers must first check the user's permissions and then list the data accordingly based on client ID conditions.
Considerations include the hierarchical relationship between the collections and the potential complexity of managing permissions across multiple interconnected collections.