sacarino/admin_and_owner_crud_plus_read_authenticated.js

## admin_and_owner_crud_plus_read_authenticated.js
// authenticated access to READ the model, but only admin or owner of the model can CRUD
...
"acls": [{
    "accessType": "*",
    "principalType": "ROLE",
    "principalId": "$everyone",
    "permission": "DENY"
  }, {
    "accessType": "*",
    "principalType": "ROLE",
    "principalId": "admin",
    "permission": "ALLOW"
  }, {
    "accessType": "*",
    "principalType": "ROLE",
    "principalId": "$owner",
    "permission": "ALLOW"
  }, {
    "accessType": "READ",
    "principalType": "ROLE",
    "principalId": "$authenticated",
    "permission": "ALLOW"
  }],
...

## admin_and_owner_crud_plus_read_everyone.js
// public access to READ the model, but only admin or owner of the model can CRUD
...
"acls": [{
    "accessType": "*",
    "principalType": "ROLE",
    "principalId": "$everyone",
    "permission": "DENY"
  }, {
    "accessType": "*",
    "principalType": "ROLE",
    "principalId": "admin",
    "permission": "ALLOW"
  }, {
    "accessType": "*",
    "principalType": "ROLE",
    "principalId": "$owner",
    "permission": "ALLOW"
  }, {
    "accessType": "READ",
    "principalType": "ROLE",
    "principalId": "$everyone",
    "permission": "ALLOW"
  }],
...

## only_admin_and_owner_crud.js
// only admin and the owner of the model can CRUD
...
"acls": [{
    "accessType": "*",
    "principalType": "ROLE",
    "principalId": "$everyone",
    "permission": "DENY"
  }, {
    "accessType": "*",
    "principalType": "ROLE",
    "principalId": "admin",
    "permission": "ALLOW"
  }, {
    "accessType": "*",
    "principalType": "ROLE",
    "principalId": "$owner",
    "permission": "ALLOW"
  }],
...

## only_admin_crud.js
// only admin can CRUD the model
  ...
"acls": [{
    "accessType": "*",
    "principalType": "ROLE",
    "principalId": "$everyone",
    "permission": "DENY"
  }, {
    "accessType": "*",
    "principalType": "ROLE",
    "principalId": "admin",
    "permission": "ALLOW"
  }],
...
	// authenticated access to READ the model, but only admin or owner of the model can CRUD
	...
	"acls": [{
	"accessType": "*",
	"principalType": "ROLE",
	"principalId": "$everyone",
	"permission": "DENY"
	}, {
	"accessType": "*",
	"principalType": "ROLE",
	"principalId": "admin",
	"permission": "ALLOW"
	}, {
	"accessType": "*",
	"principalType": "ROLE",
	"principalId": "$owner",
	"permission": "ALLOW"
	}, {
	"accessType": "READ",
	"principalType": "ROLE",
	"principalId": "$authenticated",
	"permission": "ALLOW"
	}],
	...
	// public access to READ the model, but only admin or owner of the model can CRUD
	...
	"acls": [{
	"accessType": "*",
	"principalType": "ROLE",
	"principalId": "$everyone",
	"permission": "DENY"
	}, {
	"accessType": "*",
	"principalType": "ROLE",
	"principalId": "admin",
	"permission": "ALLOW"
	}, {
	"accessType": "*",
	"principalType": "ROLE",
	"principalId": "$owner",
	"permission": "ALLOW"
	}, {
	"accessType": "READ",
	"principalType": "ROLE",
	"principalId": "$everyone",
	"permission": "ALLOW"
	}],
	...
	// only admin and the owner of the model can CRUD
	...
	"acls": [{
	"accessType": "*",
	"principalType": "ROLE",
	"principalId": "$everyone",
	"permission": "DENY"
	}, {
	"accessType": "*",
	"principalType": "ROLE",
	"principalId": "admin",
	"permission": "ALLOW"
	}, {
	"accessType": "*",
	"principalType": "ROLE",
	"principalId": "$owner",
	"permission": "ALLOW"
	}],
	...
	// only admin can CRUD the model
	...
	"acls": [{
	"accessType": "*",
	"principalType": "ROLE",
	"principalId": "$everyone",
	"permission": "DENY"
	}, {
	"accessType": "*",
	"principalType": "ROLE",
	"principalId": "admin",
	"permission": "ALLOW"
	}],
	...