Hello all,
I’m working on an organization-based service and want to have resource-specific permissions that are restricted by (from a user perspective) organization-specific roles. Since I’m not familiar with the specific terminology, I’m thinking of something similar to how GitHub manages their permissions:
- A single user can be a member of multiple organizations
- A user can have a different roles with different organizations that grant them access to all of an organization's resources
- A user can have access to a specific resource
- That organization-specific role determines access to different organization resources
Are there any best practices or patterns for this model?
Thanks!
Justin