Add conditions to access rules

[mkrecek234]

Feature request:
Allow rules to include certain conditions to be applicable, notably for example: make rule applicable if mode entity's field user_id is or is not identical to logged in user_id, pr entity carries a reference to a user group (which is allowed to edit only for example.

Currently commented out.

login/src/Acl.php

Line 95 in 3eecdc3

// Call $app->acl->can('admin'); for example to find out if user is allowed to admin things.

[mvorisek]

please always provide a link /w and specific hash/version git tag when refering to a code

[mkrecek234]

To be more precise what use cases would be helpful for conditions in rules:

1. Simple: Filter model based on model field (e.g. all customers from Greece)

2. User-related 1: Filter all customers where customer->creator_id = logged-in user_id

3. User related 2; All customers where creator_id is also in same team as logged in user id

4. User related 3: All customers where 1:N model customer_accessusers also includes the logged-in user

[mvorisek]

1. ... 4. can be easily added by hooking on the ADD persistence hook as the current Acl impl does.

if you want these conditions saveable as ACL rule, then scope serialization (or some more canonical export) should be implemented