I have a very high level design question. Roles security seems too simplicatic in some cases. For instance, when a user has access to only specific business object instances. For instance, in my case, a user has to be related to a location before that user has access to that locations data.
I'm not really sure how a model like this should be implimented. It's not enought for a user's roles to be loaded, since it could have more or less permissions to specific instances of a location object.
This seems like a common a design requirement. Am I making the problem harder than it actuall is?
Copyright (c) Marimer LLC