I am trying to implement role based access in the repository. This is not a problem for entities/items, but we also need to be able to restrict access to certain parts of our rulesets to certain roles.
In an ideal scenario, most of the users would have read only access to the information in the RMA, whereas editing would be restricted.
One way to solve this would be using conditional blocks in the display. That would allow me to represent a "normal" templetized/editable interface for user with the proper role(s), whereas other users could be shown a read only view of the data.
I have tried this approach, but my biggest problem with this as of now is that I need to find the username of the currently logged in user. With a username, I can request the corresponding roles from the LDAP server, and do the role based display based on those.
Does anyone have any ideas how to solve this? Either how to find the username/credentials so that I am able to implement the scenario described above, alternatively another way to do role based authorization/access at the template level?