It's a great question. I think the way to consider the difference in the scenario you highlight is:
With roles you can have one to many relationships between a user and roles (one user can have many roles).
With custom properties you have one to one relationships between a user and a property (one user can have one value from a given property).
So if your environment has a scenario where a user may be a developer in some areas and a consumer in others than a role based methodology using Security Rules is a better way to go.
Hope this helps.
It would be great if you could confirm that there is a one to many relation available with custom properties in v2.1 if you have a server. Unable to find any document to verify this theoretically.
I have a case where a user can belong to more than one department (custom property) and the security rules are based on the @department property.
I am using 2.0.4 currently and thinking of a dirty solution to create combinations of departments as multiple value assignment is not supported.
- is there a way to group user and apply security on Group?(i assume we cant use custom group as users are coming from Sql table)
- Also in future if new users are created can they be added to this group automatically based on their attributes?
Have raised separate question here
In the latest version of QS, we can assign multiple values to a Custom Properties. How do we now decide when to use Role and when to use Custom properties? Any guidance on this?