biota
biota copied to clipboard
Add plans/subscriptions management
Summary
Integrate logic in order to:
- give permissions based on a subscription a user has
- keep track of usage to apply limitations (ex: max number of documents owned in a collection)
What it implies:
- Plans are roles named
biota.plan.<id>
- Relation between a user (or any document) and plan is called a subscription
- Relation is determined by a
_membership.plan
field on a document
Basic example
Plan definition:
// API is very similar to db.role() if not the same
db.plan('basic').insert()
// update permissions
db.plan("basic").privileges.set({
resource: Collection('todos'),
rights: {
insert: ['owner']
}
})
// expire in an hour
db.plan('basic').expireIn(3600)
// list plans
db.plans.findAll()
Motivation
Properly manage the user's permissions through a common model of plans/subscriptions.