Access Control List (ACL) - mwilkin-401-advanced-javascript/bend-javascript-401d2 GitHub Wiki

An Access Control List (ACL) is an implementation of access control, a security technique that regulates who or what can view or use resources. Access control is a fundamental concept in digital security: it minimizes risk by giving every authorized user of a resource a defined role. It is typically implemented along with authentication. An ACL is usually represented as a table of privileges. If authentication is the lock on the main door of a hotel, then access control is the individual access card given to each guest for accessing their room.

The roles have capabilities (also called access or privileges) associated with them. Typical roles are administrator, editor and reader. While the titles and exact capabilities may differ from the example below, they generally follow this schema:

  1. Administrators have full access to update, read, create and delete data.
  2. Editors have access to update, read and create data.
  3. Users have only the ability to read data.
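
The schema above as a deny-by-default check, written here as an added example rather than code from the course. The role keys follow the list (`administrator`, `editor`, `user`); `can`, `requireCapability`, `simulate` and the `req.user.role` field are hypothetical names, and the middleware uses the Express-style `(req, res, next)` signature.

```javascript
'use strict';

// Role table from the schema above. A Map of Sets avoids plain-object pitfalls:
// a role string such as "constructor" or "__proto__" matches nothing here.
const ACL = new Map([
  ['administrator', new Set(['create', 'read', 'update', 'delete'])],
  ['editor', new Set(['create', 'read', 'update'])],
  ['user', new Set(['read'])],
]);

// Deny by default: unknown roles and unknown capabilities both return false.
function can(role, capability) {
  const capabilities = ACL.get(role);
  return capabilities !== undefined && capabilities.has(capability);
}

// Middleware factory (hypothetical name). Assumes an earlier authentication
// step attached req.user = { role } to the request.
function requireCapability(capability) {
  return function (req, res, next) {
    if (!req.user) {
      // Not authenticated: the "main door" check has not passed.
      return res.status(401).json({ error: 'authentication required' });
    }
    if (!can(req.user.role, capability)) {
      // Authenticated, but the role lacks this capability.
      return res.status(403).json({ error: 'forbidden' });
    }
    return next();
  };
}

// Constructed harness: a stand-in response object so the example runs offline.
function simulate(user, capability) {
  const result = { status: 200, allowed: false };
  const res = {
    status(code) { result.status = code; return this; },
    json() { return this; },
  };
  requireCapability(capability)({ user }, res, () => { result.allowed = true; });
  return result;
}

console.log(simulate({ role: 'editor' }, 'delete'));
console.log(simulate({ role: 'administrator' }, 'delete'));
```

The 401 and 403 responses keep the hotel analogy visible in the API: 401 means the caller never got through the main door, 403 means the access card does not open this room.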