I am looking for suggestions / alternative approaches for managing DCA by the user's assigned Role. Ideally, there would be an easy way to maintain this going forward.
1) I have heard a rumor that there is a trick wherein you somehow create a filtering module, then use the normal Roles>>Modules access assignments. Access to the filtering module somehow controls access to the line item. If this approach works, it would minimize maintenance and simplifiy the overall process. Unfortunately, I have been unable to make this work. Does anyone have a trick up their sleeve?
2) Another alternative might go something like this: Create (and maintain) a List of Roles, build a module by Users and Roles, export / import the Roles tab in order to maintain the mapping of Users to Roles, then use booliean logic like "If user has Role and Role is allowed read access then true" as filters for DCA. Is there a practical how-to set of steps for this?