User Access Controls
Let's start by defining our roles. There are 3 roles, namely Admin, Moderator and User.
Then there are 3 actions create, update and delete which are controlled by our new AccessRule class and the following rules are applied.
- create action is available to User, Moderator and Admin roles.
- update actions is available to Moderator and Admin roles.
- delete action is only available to the Admin role.