node-rest-starter implements a team system to aid in the organization of and access to application resources.
Teams are used to manage the organization of and access to resources in the application. Each resource is 'owned' by a team, and only members of that team can view that resource.
Teams support a hierarchy of access control where each role builds on the previous adding additional privileges.
This is the most basic team role. It provides 'read only' access to team resources.
This role grants the user the ability to create/edit/delete resources on behalf of the team.
This role grants the user the ability to add/remove members of the team and to delete the team itself.
The nested teams feature allows for creating a hierarchy of teams. Internally, the relationships between teams are tracked using the Array of Ancestors pattern.
By default, nested teams provide access to resources in a top-down manner (i.e. members of a parent team have the same access rights to resources owned by any child teams).
Implicit teams allow for granting membership to a team implicitly based on externalRoles or externalGroups defined on
the user. Currently, implicit team members are granted the Member role. `