Ok, I have been trying to get a 'custom' ACL to work with extra constraints. A normal ACL check is something like:
if(aclCheck($user, 'edit', 'really_important_value')){
// Allow $user to 'edit' the 'really_important_value'.
} else {
// Deny $user to 'edit' the 'really_important_value'.
}
But, if different users have different bounds for 'really_important_value' (user 1 can enter a value between 10 and 50, user 2 can edit a value between 20 and 60) - where do these constraints belong? Are they called constraints, bounds, attributes, parameters, rules or something else? I can't find any examples in any manual for other ACLs or existing application!
Thanks for your help!