# Users, Roles and Permissions

This is the design document for https://gitea.toal.ca/oys/bab-app/issues/11

## Backend Concepts

Utilizing the AppWrite backend provides us with some basic concepts we can use:

### Users, Groups, and Labels

#### Teams

Teams are AppWrite groups of users. Teams can be assigned roles, which can be assigned permissions. Teams "contain" users. A team has more permissions to manage it's members than labels, which are assigned / removed, rather than 'invited / left'.

#### Labels

Labels are AppWrite tags for users. Users have Labels as attributes. Like teams, labels can be used for Role / Permission mapping.

### Permissions

https://appwrite.io/docs/advanced/platform/permissions

Permissions are fine-grained access control for users and objects. They follow standard "CRUD" patterns.

## BAB Concepts

For teams, there will, to start, be the following:

- `staff` : Individuals with authority / responsibilities
  - `maintenance` : Staff responsible for maintenance (eg: Boatswain)
  - `admin`: Administrators of the program / application
- `school` : Members of the Sailing School (Instructors & Students)
  - `student` role : A student in the school
  - `instructor` role: An instructor in the school
- `bab` : Members of the BAB program
  - `skipper` role: A member who has passed skipper certification

The following are the initial labels:

- TBD