I'm currently building a web application for which website administrators can register their website. They'll be able to add multiple domain names that belong to that website, as well as sub items (think of them as blog articles) that will belong to the website.
Also, the administrator must be able to add users (employees?), that can access those articles.
My problem begins here. How can I manage the permissions for those users if I want to let the administrator decide whether, for example, user A can edit or delete (or both) article A, but not article B. User B, could perhaps edit article A, but not delete it, while it can edit AND delete article B.
I am calling the model 'article' for the sake of not revealing my idea, but the 'articles' aren't gonna be created as often as actual blog articles. Administrators will probably have 1, maybe 2 or 3 'articles' per website.
I've searched very long for any kind of solution to this, but it seems like it isn't documented very well.
Many thanks in advance!