I need a Java Spring REST web service which will allow users to login (via Spring Security) via angularjs screen & mobile.
and allow a particular user to add image details and album details and being able to upload images.
Only this user can edit the details of the album and/or particular images within this album, which he has permissions for.
Let's say User X logs in with his credentials and he adds an album and upload some images to this new album along with their description
to this new added album. Then user X should also have an ability to give user Y either read, edit, delete or Admin permission
or any two permissins or all by giving admin permission (via Spring Security ACL) on any particular album out of all albums or a particular image.
But X can do this with only the Albums or Images he has permissions for not every album.
That means if user X has only Admin writes no other permission would be needed.
For more clarification, If User X gives User Y Admin permissions...