Parse has some nice tools for the sharing of objects through its ACLs and Role based hierarchy, however I’ve found this very limiting when you have to optionally 100’d or 1000’s of objects at a users request.
Use case
Suppose we have an app where users create content (i.e. posts, images, favourites etc) and they would like to optionally share that content with other users or within a team of users.
The creation of Team is quite easy and Parse gives us the Role capability so we can group all the users within a team and give them a role. We can then assign that role as an ACL to each object that needs to be shared within the Team. Simple, however, there becomes a point where the updating of 1000’s of objects with new ACLs becomes cumbersome, performance intensive and just a little worrying if I’m being honest!
So, is there a method or strategy that anyone has developed, such as using some sort of join-class in order to flexibly manage the sharing of content between users. Obviously if there isn’t an ACL on the object that is being shared then we are in dangerous territory of using masterKey to read / write to said objects. Then we bring in the permissions of Read and Write and how we can manage those at scale!
I’ve considered creating some sort of shareTable which maintains the access permissions the people:objects however, it seems there is no getting away from having to run ACLs on the individual objects, unless you want to go fully bespoke and manage all permissions yourself… not something I’m keen on doing for obvious reasons.
If anyone has any suggestions of examples of running a flexible permission based sharing system like this I’m all ears.
Many thanks