I am implementing Attribute Based Access Control in angular typescript application with rails server.
I've searched for different solutions like followings but could not manage to implement cause of unclear solutions.
The solution points to create a method for checking objects and its permissions list like this
public boolean check(Object subject, Object resource, Object action, Object environment)
- Subject is the entity (mostly a user) that requests access
- Resource is the entity to be accessed (e.g. file, database record, Store Information, ...)
- Action is the operation to be carried on the resource (e.g. read, write, delete, ...)
- Environment is any information regarding the context of the access that might be used in making the access decision (e.g. time, network, ...).
please help guide me how can I implement custom access control system in efficient way without using
any suggestion and tips are welcome.